Nirvana hacker sentenced to 3 years after pleading guilty

Shakeeb Ahmed was tied to two hacks, and the DOJ first filed an indictment against him in July of last year

April 12, 2024 11:52 am

Artwork by Crystal Le

Shakeeb Ahmed, the hacker behind the 2022 Nirvana exploit, a flash loan attack, was sentenced to three years on Friday.

The Department of Justice announced the sentencing, which marks the first time someone has been convicted for hacking a smart contract.

“No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice,” US attorney Damian Williams said in a statement. “And as today’s sentence shows, time in prison — and forfeiture of all the stolen crypto — is the inevitable consequence of such destructive hacks.”

Ahmed pleaded guilty to the DOJ’s charges in December of last year. At the time, he forfeited $12.3 million, with roughly $6 million of that in crypto.

Newsletter

Subscribe to The Breakdown

Ahmed, in addition to the forfeiture, was ordered to “pay restitution to the Crypto Exchange and Nirvana in the amount of over $5 million,” Friday’s release said.

The charges against Ahmed were first brought in July of 2023. However, they only linked him to the hack of one exchange. He was later found to have launched a multi-million dollar hack on another exchange.

Blockworks previously reported that the references matched the Crema Finance hack in July 2022. The DOJ still hasn’t publicly released the second exchange’s name.

According to the DOJ’s release, Ahmed – in addition to his prison term — will also face three years of supervised release.

The original indictment filed against Ahmed revealed that he attempted to utilize Google in the hopes of evading the authorities.

Ahmed allegedly searched “defi hack” and “how to stop federal government from seizing assets” on Google following the exploits.

At the time, Nirvana attempted to offer Ahmed a bug bounty of $600,000 to return the funds, but Ahmed — after demanding $1.4 million — didn’t reach an agreement with the team.

Get the news in your inbox. Explore Blockworks newsletters:

The Breakdown: Decoding crypto and the markets. Daily.
0xResearch: Alpha in your inbox. Think like an analyst.

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2026

Javits Center North | 445 11th Ave

Tues - Thurs, March 24 - 26, 2026

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy tickets learn more

recent research

Research

Loopscale: Scaling Net New Assets in DeFi

Built on Solana, Loopscale is an orderbook-based lending protocol that pairs the efficiency of direct market matching with the flexibility and UX of modular protocols. We believe Loopscale can help scale NNAs in Solana DeFi and act as their foundational credit layer. Stablecoin deposits and select USD-pegged Loops on Loopscale are offering competitive yields, with an additional upside from farming the protocol and adjacent ecosystem projects (e.g., OnRe, Hylo) for potential future airdrops.

by Carlos Gonzalez Campo