Shakeeb Ahmed, a cybersecurity engineer convicted of stealing around $12 million in crypto, was sentenced on Friday to three years in prison.
In a press release, the U.S. Attorney for the Southern District of New York announced the sentence. Ahmed was accused of hacking into two cryptocurrency exchanges, and stealing around $12 million in crypto, according to prosecutors.
Adam Schwartz and Bradley Bondi, the lawyers representing Ahmed, did not immediately respond to a request for comment.
When Ahmed was arrested last year, the authorities described him as “a senior security engineer for an international technology company.” His LinkedIn profile said he previously worked at Amazon. But he wasn’t working there at the time of his arrest, an Amazon spokesperson told TechCrunch.
While the name of one of his victims was never disclosed, Ahmed reportedly hacked into Crema Finance, a Solana-based crypto exchange, in early July 2022.
Then, weeks later, he hacked into Nirvana Finance. Ahmed stole $9 million and $3.6 million in those two hacks, respectively. In the case of Nirvana Finance, the stolen funds “represented approximately all the funds possessed by Nirvana,” which led Nirvana Finance to shut down, according to the press release.
Ahmed pleaded guilty to having carried out both cyberattacks.
Disrupt 2026: The tech ecosystem, all in one room
Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $400.
Save up to $300 or 30% to TechCrunch Founder Summit
1,000+ founders and investors come together at TechCrunch Founder Summit 2026 for a full day focused on growth, execution, and real-world scaling. Learn from founders and investors who have shaped the industry. Connect with peers navigating similar growth stages. Walk away with tactics you can apply immediately
Offer ends March 13.
Contact Us
Do you have information about cryptocurrency heists and hacks? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email. You also can contact TechCrunch via SecureDrop.After he hacked Crema, Ahmed contacted the company in an attempt to return the stolen funds, except for a fee of $1.5 million — a sort of unofficial finder’s fee — and a promise that Crema wouldn’t report the attack to the authorities. Crema declined, and Ahmed was eventually apprehended.
While this type of deal is unusual in the cybersecurity world, it has become normalized in the crypto world. These deals are often referred to as “white hatting,” even though it involves hacking a target and stealing a victim’s funds without their consent, which is more akin to what a “black hat” hacker would typically do. Ahmed’s case shows that while the crypto industry has accepted that this type of deals are sometimes the cost of doing business, law enforcement doesn’t see it the same way.
Apart from three years in prison, Ahmed was also sentenced to three years of supervised release, and ordered to forfeit $12.4 million “and a significant quantity of cryptocurrency and pay restitution to the Crypto Exchange and Nirvana in the amount of over $5 million,” according to the prosecutors’ press release.
Cybersecurity professional accused of stealing $9M in crypto
