TechCrunch reports that former Amazon Senior Security Engineer Shakeeb Ahmed has been accused of exfiltrating nearly $9 million worth of cryptocurrency following a crypto exchange hack last year.
Ahmed achieved the breach through the exploitation of a vulnerability in the crypto exchange, wherein fake pricing data to yield millions in inflated fees have been inserted, while the stolen cryptocurrency was later laundered through several transactions, according to the indictment.
Ahmed was later noted to have decided to bring back most of the stolen funds should the crypto exchange agree not to inform law enforcement regarding the hack, said Justice Department prosecutors.
"Ahmed used his skills as a computer security engineer to steal millions of dollars. He then allegedly tried to hide the stolen funds, but his skills were no match for IRS Criminal Investigations Cyber Crimes Unit," said IRS CI Special Agent in Charge Tyler Hatcher.
While the exchange has not been specified in the indictment, it is believed that Solana-based Crema Finance had been breached by Ahmed in July 2022.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.