Blockchain security firm Peckshield revealed on Feb. 26 that an exploiter labeled address associated with the Kyberswap hack had bridged approximately 800 ether tokens from Arbitrum to the Ethereum blockchain. On the same day, the Kyberswap team unveiled revised dates for reimbursing users impacted by the hacking. Kyberswap Hacker Starts Moving Funds Peckshield Alert, a […]
Source link
A web3 membership designed to empower you with cutting-edge insights and knowledge. Learn more ›
Welcome! 👋 You are connected to CryptoSlate Alpha. To manage your wallet connection, click the button below.
If you don’t have enough, buy ACS on the following exchanges:
Access Protocol is a web3 monetization paywall. When users stake ACS, they can access paywalled content. Learn more ›
Disclaimer: By choosing to lock your ACS tokens with CryptoSlate, you accept and recognize that you will be bound by the terms and conditions of your third-party digital wallet provider, as well as any applicable terms and conditions of the Access Foundation. CryptoSlate shall have no responsibility or liability with regard to the provision, access, use, locking, security, integrity, value, or legal status of your ACS Tokens or your digital wallet, including any losses associated with your ACS tokens. It is solely your responsibility to assume the risks associated with locking your ACS tokens with CryptoSlate. For more information, visit our terms page.
The decentralized exchange KyberSwap has offered a 10% bounty reward to the hacker who stole $46 million on Nov. 22 and left a note of negotiation. The exchange wants 90% of the loot returned by 6 am UTC on Nov. 25.
On Nov. 23, KyberSwap alerted users that its liquidity solution, KyberSwap Elastic, was compromised and advised them to withdraw funds. In the meantime, on Nov. 22, the hacker made away with roughly $20 million in Wrapped Ether (wETH), $7 million in wrapped Lido-staked Ether (wstETH) and $4 million in Arbitrum (ARB) tokens. The hacker then siphoned the loot across multiple chains, including Arbitrum, Optimism, Ethereum, Polygon and Base.
After hiding the stolen funds, the hacker wrote an on-chain message directed to KyberSwap developers, employees, decentralized autonomous organization members and liquidity providers, stating, “Negotiations will start in a few hours when I am fully rested.”
Following a day’s silence from both ends, KyberSwap responded to the hacker requesting the return of 90% of the stolen funds. The team acknowledged the skills of the hacker and laid down an offer:
“On the table is a bounty equivalent to 10% of users’ funds taken from them by your hack, for the safe return of all of the users’ funds. But we both know how this works, so lets cut to the chase so you and these users can all get on with life.”
If the hacker fails to pay back or respond to KyberSwap by 6 am UTC, Nov. 25, “you stay on the run,” said KyberSwap. The team is open to further discussion with the hacker via email.
Related: KyberSwap announces potential vulnerability, tells LPs to withdraw ASAP
A dissection of the recent KyberSwap hack by a decentralized finance (DeFi) expert suggests that the attacker used an “infinite money glitch” to drain funds.
Ambient exchange founder Doug Colkitt explained the KyberSwap attacker relied on a “complex and carefully engineered smart contract exploit” to carry out the attack.
1/ Finished a preliminary deep dive into the Kyber exploit, and think I now have a pretty good understanding of what happened.
This is easily the most complex and carefully engineered smart contract exploit I’ve ever seen…
— Doug Colkitt (@0xdoug) November 23, 2023
The attacker then repeated this exploit against other Kyberswap pools on multiple networks, eventually getting away with $46 million in crypto loot.
Magazine: This is your brain on crypto: Substance abuse grows among crypto traders
Kyber Network has asked all of its users to promptly withdraw all their funds without clicking on any suspicious links or DMs.
KyberSwap, a decentralized exchange (DEX) protocol, has reportedly experienced a $47 million exploit, based on on-chain data. The funds were associated with its Elastic Pools liquidity solution.
Unexpectedly, funds from wallets linked to the protocol moved to a single wallet, as highlighted by a user known as Spreek on X. The affected funds include $20.7 million on Arbitrum, $15 million on Optimism, $7 million on Ethereum, $3 million on Polygon, and $2 million on Base.
A significant portion of the funds comprises various forms of Ether, including wrapped tokens and liquid staking tokens. This is also in addition to other tokens like Arbitrum (ARB) and various stablecoins.
DEX platform KyberSwap issued a cautionary post on X, notifying users of a “security incident” involving KyberSwap Elastic. It strongly advised users to promptly withdraw their funds in response to the situation. KyberSwap further noted:
“We regret to inform you that KyberSwap Elastic has experienced a security incident. As a precautionary measure, we strongly advise all users to promptly withdraw their funds. Our team is diligently investigating the situation, and we commit to keeping you informed with regular updates. Reminder to not click on any phishing links or respond to DMs”.
A message embedded in a transaction, seemingly sent by the perpetrator, conveyed:
“Dear Kyberswap Developers, Employees, DAO members and LPs, Negotiations will start in a few hours. Thank you.”
KyberSwap Elastic, a platform enabling liquidity providers to select their preferred price ranges with automatic yield compounding, appears to be targeted. According to 0xngmi, an anonymous employee at crypto data site DefiLlama, who examined the transaction, it seems the hacker is draining the Kyber liquidity provider pools. The total value locked in the protocol also remains unaffected at $72 million. Besides, the news of the potential exploit led to a sharp decline in the price of Kyber Network Crystal (KNC).
“Looks like the Kyber exploits is flash loans and some sort of math/rounding issue. Each [transaction] is starting with an ETH balance coming in, looped mint/redeem/swap,” noted Adam Cochran, general partner at Cinneamhain Ventures, on X.
Crypto-related exploits continue this year as well in 2023. So far, the month of September has proved to be the worst month facing these exploits.
next
The KyberSwap hacker has shown a willingness to negotiate after exploiting the decentralized exchange for around $45 million, according to on-chain messages.
The attacker publicly messaged KyberSwap, stating negotiations would commence shortly after adequate “rest:”
“Dear Kyberswap Developers, Employees, DAO members, and LPs, Negotiations will start in a few hours when I am fully rested. Thank you.”
In a Nov. 23 statement, Kyber Network confirmed that KyberSwap, its flagship decentralized exchange product, was exploited for an undisclosed amount.
“As a precautionary measure, we strongly advise all users to promptly withdraw their funds. Our team is diligently investigating the situation, and we commit to keeping you informed with regular updates,” Kyber Network wrote.
However, blockchain security firm Cyvers Alerts estimated the theft to be around $45 million across different chains, including $20 million on Arbitrum, $15 million on Optimism, $7.5 million on Ethereum, $2 million on Polygon, and $315,000 on Base.
The firm added that the attacker was funded by the virtual cryptocurrency mixer Tornado Cash.
While the cause of the hack remains elusive, Adam Cochran, a partner at Cinneamhain Ventures, suggested that the attack was a “flash loans and some sort of math/rounding issue.” He added:
“Each [transaction] is starting with an Ethereum balance coming in, looped mint/redeem/swap.”
Doug Colkitt, the founder of Ambient Finance, a decentralized trading protocol, described the hack as “easily the most complex and carefully engineered smart contract exploit” he has ever seen.
In an extensive post on social media platform X (formerly Twitter), Colkitt explained:
“First thing to note is this exploit is specific to Kyber’s implementation of concentrated liquidity. There’s no reason to believe that other reputable concentrated liquidity dexes, like Ambient or Uniswap, are at risk from this exploit. (Though Kyber forks obviously are).”
Meanwhile, the theft significantly impacted the total value of assets locked on KyberSwap, plummeting to approximately $13.61 million from $84.9 million, as per Defillama data.
Additionally, Kyber Network’s native token, KNC, is down more than 2% in the reporting period to $0.72525 as of press time, according to CryptoSlate’s data.