A security engineer has been sentenced to three years in prison for conducting cryptocurrency hacks totaling $12 million.

Cybersecurity Breach: Security Engineer Faces Jail Time for $12 Million Crypto Hacks

Shakeeb Ahmed, a cybersecurity engineer found guilty of embezzling roughly $12 million in cryptocurrency, received a three-year prison sentence on Friday,

As announced by the U.S. Attorney for the Southern District of New York. Ahmed allegedly breached two cryptocurrency exchanges, siphoning off the mentioned sum, according to prosecutors. His legal representatives, Adam Schwartz and Bradley Bondi, did not immediately comment.

According to information provided by an Amazon spokesperson, Ahmed, formerly characterized as a senior security engineer at an international technology firm, had previous employment at Amazon, although he was not on their payroll at the time of his arrest. While one victim’s identity remained undisclosed, Ahmed purportedly infiltrated Crema Finance, a Solana-based crypto exchange, in early July 2022. Subsequently, he targeted Nirvana Finance, pilfering $9 million and $3.6 million in the two incidents, respectively.

The theft from Nirvana Finance accounted for nearly all of its assets, prompting its closure, according to the press release.

Ahmed admitted to orchestrating both cyberattacks.

Following the breach at Crema, Ahmed reached out to the company, proposing to return the embezzled funds for a fee of $1.5 million—a form of unofficial finder’s fee—and a commitment from Crema not to report the incident to authorities. Crema declined, leading to Ahmed’s eventual apprehension.

While such arrangements are uncommon in cybersecurity, they have become normalized within the crypto realm, often termed “white hatting.” However, these actions involve hacking and unauthorized fund acquisition, akin to activities typically associated with “black hat” hackers. Ahmed’s case underscores the disparity between the crypto industry’s acceptance of such practices as a cost of doing business and law enforcement’s perspective.

In addition to a three-year prison term, Ahmed was sentenced to three years of supervised release. Additionally, an order was issued for $12.4 million, along with a substantial amount of cryptocurrency, to be forfeited, and restitution exceeding $5 million to be paid to both the Crypto Exchange and Nirvana, as stated in the prosecutors’ press release.