If even they do it! Cybersecurity pro accused of embezzling millions in cryptocurrencies


Vincent Mannessier

July 12, 2023 at 1:40 p.m.

© Maksim Shmeljov / Shutterstock

The best person to rob a bank is often the safe seller.

The US Department of Justice arrested a cybersecurity professional on Tuesday, July 11, whom it accuses of having stolen at least $9 million in cryptocurrency. Although he personally enriched himself illegally and tried to hide it, the man still tried to pass himself off as an ethical hacker. But the American authorities do not seem fooled.

Well placed and well prepared, he still got pinched

A press release from the New York prosecutor announced the indictment of 34-year-old Shakeeb Ahmed. The man states on LinkedIn that he is a cybersecurity engineer at Amazon, but the company has since explained that he no longer works there. In any case, in his indictment, the prosecutor explains that he is “a security engineer in an international technology company, and his CV list of skills […] which are the ones that were used for his attack”. The amount involved, a little over 9 million dollars, is ultimately quite modest compared to other attacks of the same kind.

The target of the attack is not named either, but CoinDesk explains that its description and date seem to indicate that the victim was the Crema crypto exchange platform. Ahmed then allegedly tried to hide the origin of the funds through a series of transactions and token purchases and resales, before researching his criminal liability in such a case.

Unfortunately for him, Ahmed was apparently better at cybersecurity (and cybercrime) than financial engineering. It was ultimately the IRS, the American tax authority, that discovered this unexplained arrival of money in his accounts, which triggered his arrest.

© Ibragimov Sayan / Shutterstock

Pretending to be a “white hat”

Although Ahmed initially stole the equivalent of more than 9 million dollars, he ultimately kept a little more than 1.5 million, returning the rest to Crema of his own free will before the start of the investigation. But it was not because he felt remorse. The hacker tried to negotiate a dropping of the charges in exchange for most of the sum, which the platform accepted.

By doing so, he wanted to pass himself off as a “white hat”, one of those ethical hackers who discover vulnerabilities on sites that have not asked them to and who inform the sites so that they can correct the flaw. It is not uncommon for this to be done at the request of the sites, which in such cases offer bug bounties, namely rewards for those who discover flaws.

But in this case, it went the other way, which is apparently common practice, and Ahmed only became a ‘white hat’ after forcing Crema’s hand. A gray hat, at best.

Sources: TechCrunch, CoinDesk