KyberSwap’s Attacker Maneuvers $2.5 Million Across Blockchains

Last Updated:
KyberSwap’s Attacker Maneuvers $2.5 Million Across Blockchains
  • KyberSwap suffered a $2.5 million breach on Feb 26, raising decentralized exchange security concerns.
  • A prior heist in Nov 2023 cost KyberSwap up to $49 million, prompting negotiations and a large bounty.
  • KyberSwap’s financial and reputational damage post-exploit led to layoffs to address challenges.

KyberSwap found itself at the center of a security breach when the individual behind the incident transferred considerable funds. On February 26, this activity caught the attention of observers as the culprit moved $2.5 million in digital assets from Arbitrum to Ethereum, according to blockchain analytics firm PeckShield. The transfer involved 798.8 Ether and an additional $826,500 in Dai stablecoins, highlighting the breadth of the hacker’s loot.

The saga began on November 23, when KyberSwap was at the center of a cyberstorm. The decentralized exchange (DEX) alerted its community to a “security incident,” a euphemism for a heist that initially appeared to pilfer $46.5 million in digital assets. However, further investigations pushed the estimate closer to $49 million, marking it among the year’s most significant security breaches.

Moreover, the attackers left a message for KyberSwap, hinting at negotiations once they were “fully rested.” To salvage what could be recovered, KyberSwap extended a $4.6 million bounty to return 90% of the stolen assets. 

Nevertheless, the situation took a darker turn as the hacker voiced dissatisfaction with KyberSwap’s approach, threatening further delays in negotiations in response to legal threats and perceived hostility. The demands escalated quickly, with the hacker seeking total control over KyberSwap and its assets, including KyberDAO, Kyber’s governance mechanism. 

In the wake of these events, KyberSwap took steps to mitigate the damage to its community. On December 2, 2023, it announced treasury grants to compensate victims of the hack, a move necessitated by the extensive financial and reputational damage sustained. The incident also forced KyberSwap to make drastic cuts, reducing its workforce by half a month post-exploit.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.