A former Amazon software program engineer Shakeeb Ahmed was sentenced to 3 years in jail for exploiting sensible contracts.
The breaches in 2022 resulted within the theft of over $12 million in numerous cryptocurrencies. The trial was the first-ever sentencing for a cyberattack on sensible contracts.
Ahmed admitted in December 2023 to manipulating sensible contracts. By inserting fraudulent pricing information into the platforms’ contracts, the engineer generated roughly $12 million in unearned income, which he subsequently withdrew as cryptocurrency.
Whereas the prosecutors selected to not disclose one of many affected platforms, proof within the indictment suggests it was Crema Finance. The opposite platform concerned was Nirvana Finance, which ceased operations following the hack in July 2022.
Earlier than the incident, Ahmed had led Amazon’s bug bounty program, the place he recognized and stuck safety loopholes in its software program. The prosecution, highlighting the novelty of this case involving sensible contract hacking, had beneficial a four-year jail time period.
They acknowledged Ahmed’s cooperation and his restitution of the vast majority of the stolen funds however emphasised the necessity for his imprisonment to function a deterrent and underscore the gravity of his offenses.
Alternatively, Ahmed’s protection argued for probation as a substitute of jail time, citing his compromised psychological well being through the time of the hacks and the truth that the stolen funds have been largely untouched aside from protecting a relative’s medical bills. Ahmed, initially from Saudi Arabia, had his authorized staff plea for leniency primarily based on the next elements.