A former security engineer employed by an international technology firm has been apprehended and accused of exploiting a smart contract bug to steal approximately $9 million in cryptocurrency from a decentralized crypto exchange based on the Solana blockchain.
Damian Williams, the United States Attorney for the Southern District of New York, recently announced the “first-ever criminal case” involving an attack on a decentralized exchange’s smart contract.
According to Williams, Shakeeb Ahmed, the accused individual, utilized his expertise to defraud the exchange and its users, pilfering the substantial sum of cryptocurrency.
The attack transpired in July 2022 and targeted a decentralized exchange operating on the Solana blockchain.
READ MORE: Chinese Government Tightens Regulations on AI Development
The assailant exploited a vulnerability in the exchange’s smart contracts, resulting in the generation of inflated fees through flash loans.
Subsequently, these funds were withdrawn and laundered through intricate transfers on the blockchain, involving the swapping of cryptocurrencies, navigation across various crypto blockchains, and utilization of overseas crypto exchanges.
Although the specific decentralized exchange that fell victim to the attack in July was not disclosed by Williams, previous reports from Cointelegraph unveiled that an unidentified hacker exploited Crema Finance, a Solana-based liquidity protocol, on July 2, 2022, resulting in the theft of $9.6 million in cryptocurrency.
The attacker eventually returned most of the funds but was allowed to retain $1.6 million as a white hat bounty.
Williams stated that Ahmed, in an attempt to evade legal repercussions, returned the majority of the stolen funds, withholding $1.5 million.
However, these actions failed to conceal the defendant’s tracks or deceive law enforcement agencies.
Ahmed was subsequently arrested in New York and now faces charges of wire fraud and money laundering relating to the attack on the Solana-based decentralized exchange in July 2022.
Crema Finance was contacted by Cointelegraph for further clarification but had not responded at the time of reporting.
Commenting on this recent development, Orlando.btc, a lawyer specializing in cryptocurrencies and startups, expressed the belief that such actions could benefit the decentralized finance ecosystem as a whole.
The indictment suggests that the U.S. Department of Justice is prepared to pursue criminal charges against individuals who intentionally exploit protocols in manners inconsistent with their intended use.
