Policy
Share this article

U.S. Department of Justice Arrests Engineer Over $9M Crypto Theft

The DOJ alleged that Shakeeb Ahmed stole $9 million from a crypto exchange that operates on Solana, through a flash loan attack last year.

By Nikhilesh De|Edited by Aoyon Ashraf
Updated Jul 12, 2023, 2:46 p.m. Published Jul 11, 2023, 4:39 p.m.
Department of Justice (Shutterstock)
Department of Justice (Shutterstock)

The U.S. Department of Justice (DOJ) arrested a security engineer on wire fraud and money laundering charges, alleging he stole $9 million worth of crypto from an unnamed decentralized cryptocurrency exchange.

The DOJ alleged that Shakeeb Ahmed was able to "fraudulently obtain" $9 million worth of crypto from an unnamed decentralized cryptocurrency exchange (DEX) by creating fake pricing data to generate fees that he was then able to withdraw. Police arrested Ahmed on Tuesday.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the State of Crypto Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

"In July 2022, Ahmed carried out an attack on the Crypto Exchange by exploiting a vulnerability in one of the Crypto Exchange’s smart contracts and inserting fake pricing data to fraudulently cause that smart contract to generate approximately $9 million dollars’ worth of inflated fees that Ahmed did not legitimately earn, which fees Ahmed was able to withdraw from the Crypto Exchange in the form of cryptocurrency," a DOJ press release said.

The DEX in question operates on the Solana blockchain, the DOJ said. Ahmed allegedly took out flash loans worth "tens of millions of dollars," deposited them in the DEX's liquidity pool, withdrew the funds and claimed a large percent as fees. He took out at least twenty one flash loans, according to a copy of the indictment.

Ahmed then tried to launder the funds by converting them into different cryptocurrencies, moving them across blockchains, converting into monero XMR$391.72 and sending them through different crypto exchanges, the DOJ alleged.

Ahmed also offered to return most of the funds to the DEX in question provided the developers not reach out to law enforcement, the DOJ said.

While the DOJ did not explicitly name the DEX, the description matches last year's theft from Crema Finance, a Solana-based DEX. The attacker was able to take more than $9 million from the DEX last July, later returning around $8 million and keeping about $1.7 million.

Other details in the indictment also suggest that Crema could be the affected exchange. Ahmed allegedly read a news article titled "[Crypto Exchange] Vulnerability Causes DeFi Clients to Lose Millions," matching an FXLeaders article.

Crema Finance developers could not be immediately reached for comment.

RegulationsDOJDEXdecentralized exchangesFlash LoansSolana News

More For You

Protocol Research: GoPlus Security

By CoinDesk Research
Nov 14, 2025
Commissioned byGoPlus
GP Basic Image

What to know:

  • As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
  • GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
  • Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
View Full Report

More For You

State of Crypto: Wrapping Up the Month

By Nikhilesh De
1 hour ago
U.S. Congress (Jesse Hamilton/CoinDesk)

Congress continues to make progress on crypto issues but things are moving slowly.

Read full story