Nirvana hacker sentenced to 3 years after pleading guilty

Shakeeb Ahmed was tied to two hacks, and the DOJ first filed an indictment against him in July of last year

article-image

Artwork by Crystal Le

share

Shakeeb Ahmed, the hacker behind the 2022 Nirvana exploit, a flash loan attack, was sentenced to three years on Friday.

The Department of Justice announced the sentencing, which marks the first time someone has been convicted for hacking a smart contract.

“No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice,” US attorney Damian Williams said in a statement. “And as today’s sentence shows, time in prison — and forfeiture of all the stolen crypto — is the inevitable consequence of such destructive hacks.”  

Ahmed pleaded guilty to the DOJ’s charges in December of last year. At the time, he forfeited $12.3 million, with roughly $6 million of that in crypto.

Ahmed, in addition to the forfeiture, was ordered to “pay restitution to the Crypto Exchange and Nirvana in the amount of over $5 million,” Friday’s release said.

Read more: ‘Can I cross border with crypto?’: Hacker turned to Google after $9M DeFi raid

The charges against Ahmed were first brought in July of 2023. However, they only linked him to the hack of one exchange. He was later found to have launched a multi-million dollar hack on another exchange. 

Blockworks previously reported that the references matched the Crema Finance hack in July 2022. The DOJ still hasn’t publicly released the second exchange’s name.

According to the DOJ’s release, Ahmed – in addition to his prison term — will also face three years of supervised release.

The original indictment filed against Ahmed revealed that he attempted to utilize Google in the hopes of evading the authorities. 

Ahmed allegedly searched “defi hack” and “how to stop federal government from seizing assets” on Google following the exploits. 

At the time, Nirvana attempted to offer Ahmed a bug bounty of $600,000 to return the funds, but Ahmed — after demanding $1.4 million — didn’t reach an agreement with the team.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Hilton Park Lane

Tues - Wed, November 10 - 11, 2026

DAS London is a two-day summit at the Hilton Park Lane in London featuring conversations between the builders, allocators, and policy makers who are shaping the trajectory of the digital asset ecosystem in the UK, Europe, and North America.

Marina Bay Sands Singapore

Wednesday, October 07, 2026

DAS Asia is a a single-day summit at Marina Bay Sands Singapore featuring conversations between the builders, investors, and global leaders are shaping the trajectory of the digital asset ecosystem in Asia & North America.

recent research

Black Generic.png

Research

Compute demand is two-sided, the precondition for any hedging market. Producers (neoclouds and independent data centers) fear their inventory clears below cost. Consumers (inference platforms and the agentic application layer) fear compute will get more expensive. The common read holds that nonfungibility keeps both off any general exchange, since a buyer wants a named SKU in a named region rather than a basket, so the trade stays bilateral and the only exchange users are dealers hedging their book. That describes launch conditions, but understates how commodity markets form. Canonical benchmarks get made through trading, and reservations standardize as the curve deepens. The dealer-intermediated structure is not the end state, it is the seed of one.

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Blockworks Research

Unlock crypto's most powerful research platform.

Our research packs a punch and gives you actionable takeaways for each topic.

SubscribeGet in touch

Blockworks Inc.

133 W 19th St., New York, NY 10011

Blockworks Network

NewsPodcastsNewslettersEventsRoundtablesAnalytics