A former Amazon software program engineer Shakeeb Ahmed was sentenced to 3 years in jail for exploiting good contracts.
The breaches in 2022 resulted within the theft of over $12 million in several cryptocurrencies. The trial was the first-ever sentencing for a cyberattack on good contracts.
Ahmed admitted in December 2023 to manipulating good contracts. By inserting fraudulent pricing knowledge into the platforms’ contracts, the engineer generated roughly $12 million in unearned income, which he subsequently withdrew as cryptocurrency.
Whereas the prosecutors selected to not disclose one of many affected platforms, proof within the indictment suggests it was Crema Finance. The opposite platform concerned was Nirvana Finance, which ceased operations following the hack in July 2022.
Earlier than the incident, Ahmed had led Amazon’s bug bounty program, the place he recognized and glued safety loopholes in its software program. The prosecution, highlighting the novelty of this case involving good contract hacking, had really helpful a four-year jail time period.
They acknowledged Ahmed’s cooperation and his restitution of nearly all of the stolen funds however emphasised the necessity for his imprisonment to function a deterrent and underscore the gravity of his offenses.
However, Ahmed’s protection argued for probation as an alternative of jail time, citing his compromised psychological well being through the time of the hacks and the truth that the stolen funds have been largely untouched aside from protecting a relative’s medical bills. Ahmed, initially from Saudi Arabia, had his authorized crew plea for leniency primarily based on the next components.