Ethical Hacker Turned Rogue: The Intriguing Case of Shakeeb Ahmed

hacker, computer, programming-5471975.jpg


In a recent turn of events, a cybersecurity professional found himself at the center of a high-profile hacking incident involving a cryptocurrency exchange. Shakeeb Ahmed, a 34-year-old senior security engineer, was indicted by the U.S. Attorney’s Office of the Southern District of New York for his alleged involvement in hacking and stealing approximately $9 million in cryptocurrency. What makes this case particularly intriguing is Ahmed’s background as an ethical hacker, who seemingly transitioned into a rogue operator, only to make attempts at reclaiming an ethical stance. Let’s delve into the details of this captivating story.

The Indictment:

Ahmed’s indictment highlighted his position as a senior security engineer at an undisclosed international technology company, where he possessed specialized skills in reverse engineering smart contracts and conducting blockchain audits. The U.S. Attorney’s Office emphasized that Ahmed utilized these very skills to orchestrate the attack.

Ahmed’s Employment:

Though the specific details of Ahmed’s employment remain undisclosed, his LinkedIn profile mentioned his position as a senior security engineer at Amazon. However, an Amazon spokesperson confirmed that Ahmed is no longer employed by the company.

The Victim:

While the prosecutors did not explicitly name the victim, CoinDesk, a prominent cryptocurrency news website, reported that the timing and description of the hack align with the attack on Crema Finance—a Solana-based exchange—which occurred in early July 2022. The indictment’s dates, July 2 and 3, coincide with the period when Ahmed allegedly targeted an unnamed exchange.

The Return of Stolen Funds:

During the course of the investigation, it was revealed that Ahmed engaged in communication with the crypto exchange he targeted. He offered to return all the stolen funds, except for $1.5 million, on the condition that the exchange refrained from involving law enforcement. This tactic, whereby hackers negotiate with victims and return a portion of the stolen funds, has become common in the crypto world. Such individuals often refer to themselves as “white hats,” borrowing from cybersecurity terminology denoting hackers with benevolent intentions. However, this case illustrates that returning a portion of the loot does not exempt one from legal consequences.

Ahmed’s Modus Operandi:

According to the indictment, Ahmed exploited a vulnerability within the targeted exchange, manipulating pricing data to generate inflated fees, allowing him to withdraw funds he had not legitimately earned. This intricate scheme allowed Ahmed to fraudulently amass millions of dollars.

The Law Enforcement Response:

Special Agent in Charge Tyler Hatcher, from the IRS Criminal Investigation’s Cyber Crimes Unit, acknowledged Ahmed’s use of his computer security skills to orchestrate the theft. Hatcher stated that Ahmed’s attempts to conceal the stolen funds were ultimately unsuccessful, as the Cyber Crimes Unit was able to unveil his actions.


The case of Shakeeb Ahmed presents a fascinating narrative, wherein an ethical hacker allegedly strayed from his virtuous path to engage in illicit activities. As this incident demonstrates, the return of stolen funds does not guarantee immunity from prosecution. Ahmed’s use of his professional skills to carry out the attack serves as a stark reminder of the potential misuse of expertise within the cybersecurity domain. Ultimately, this case serves as a testament to the relentless efforts of law enforcement agencies to combat cybercrime and preserve the integrity of the digital landscape.