When threat actors cause trouble, companies or individuals usually rely on cybersecurity firms or experts to resolve matters. However, there are times when the "good guys" themselves turn out to become bad actors too.
Cybersecurity Professional Turned Fraudster
A cybersecurity professional needs to have the skill to be able to do their jobs right. This, however, is also the same set of skills that hackers have and use to steal data and compromise systems, which is why it's easy enough to turn on what they do.
The US government accused a cyber expert of hacking a cryptocurrency firm, resulting in $9 million worth being stolen. The US Attorney's Office of the Southern District of New York's Filing indicates that the cybersecurity professional is Shakeeb Ahmed.
The 34-year-old is a senior engineer for an international technology company who, as mentioned in Tech Crunch, "reflected skills in, among other things, reverse engineering smart contracts and blockchain audits."
These same skills are what made Ahmed capable of conducting cyberattacks. The company he worked in was not explicitly mentioned. His LinkedIn profile mentioned that he used to work as a senior security engineer at Amazon, but has long since left the company.
Based on the timeline when Ahmed executed the attack, it's likely that the cryptocurrency exchange that was hit was Crema Finance, which is a Solana-based exchange that reported an attack in early July.
The cybersecurity professional conducted the attacks around July 2nd and 3rd. Although Ahmed successfully stole assets, was also accused of wire fraud and money laundering regarding the stolen amount.
Reports say that he did return $8 million worth of the crypto he stole. Still kept $1.5 million, but the majority of the funds returned was so the cryptocurrency exchange would not involve the authorities. This, however, was not the case.
Ahmed managed to breach the firm through a vulnerability, wherein he inserted fake pricing data to generate millions worth of inflated fees. He used his skills to hide the assets, but the IRS Criminal Investigation's Cyber Crimes Unit still caught the hacker.
It did not help that Ahmed reportedly searched for information online regarding the criminal liability of his actions, attorneys that had experience in the matter, the length that authorities would take in such an attack, and if he could avoid charges by leaving the US.
Read Also: Alleged 2021 FBI Hacker, Dark Web Forum Owner Arrested by US Authorities
White Hat Hacker
White hat hackers are the ones who attempt to breach systems, only for the purpose of finding vulnerabilities that need fixing. They are usually referred to as "ethical hackers" because of the nature of their work.
Most of the time, they are cybersecurity professionals like Ahmed, or paid employees within the company. There are also instances when people with no professional affiliation or ties to the company to the hacking, but still inform them of the potential exploits, which are usually called "gray hat hackers."
In Ahmed's case, he was a white hat hacker turned bad, therefore making him a black hat hacker, according to Kaspersky. He breached the crypto firm's for his own gain, therefore acting with malicious intentions.
Related: 5 Most Interesting Hacks from Anonymous Hacker Group
