Hacker Refuses to Return Funds, Kyber Network Threatens Legal Action

As the deadline for returning 90% of the stolen $47 million passed, Kyber Network extended the deadline and threatened legal action if the hacker did not comply.

Update on 29/11/2023:
After several days of silence, the hacker behind the $47 million KyberSwap attack has finally responded to the project's team.
The hacker claimed that despite offering to negotiate, they received threats and ultimatums from Kyber Network. However, the hacker indicated that they would make an offer regarding the stolen funds on 30/11 (UTC).
Original Article:
In an on-chain message sent to the hacker on 25/11, Kyber Network announced that it had reported the incident to law enforcement and cybersecurity agencies to trace the attacker.
“We have contacted law enforcement and cybersecurity agencies about this case. We have the means to trace you. Therefore, it would be in your best interest to accept our initial offer from the previous message before law enforcement and cybersecurity agencies track you down,” warned Kyber Network.
https://t.co/Kca0D5Ewq9 in ~9 hours a deadline will end after which @KyberNetwork will track the "footprints" of the exploiter or otherwise "a bounty offer will Float to the community instead". pic.twitter.com/6tCvY1Lp1W
— ckksec (@ckksec) November 27, 2023
This message reminded the hacker that the deadline for the initial offer (13:00 on 25/11/2023) had passed without any response. Kyber had proposed that the hacker return 90% of the stolen funds, keeping the remaining 10% as a bug bounty reward.
“If the situation is not resolved, a bounty will be opened for the community,” Kyber added.
The DEX stated it would initiate a bounty program to encourage the community to track and provide information about the hacker if the funds were not returned by 17:00 on 27/11/2023 (Vietnam time).
Interestingly, the community noticed that Kyber capitalized the words "Fixed" and "Float" in the message, hinting at the FixedFloat exchange, where the hacker is believed to have transferred the stolen funds and may have been identified.
On 23/11, Coin68 reported that KyberSwap had been hacked, resulting in a $54.7 million loss. The hacker targeted KyberSwap's Elastic liquidity pools, stealing assets across multiple blockchains, including Ethereum, Arbitrum, Optimism, Base, Polygon, and more.
This hack is considered one of the most complex and sophisticated attacks in history. Kyber Network acknowledged the intricacy of the exploit after conducting an investigation.
25/ However in this case something funny happened. calcReachAmount predicted the swap quantity would not reach the tick boundary, yet somehow the ending price ended just slightly *beyond* the tick boundary. pic.twitter.com/2LxaTqQtKU
— Doug Colkitt (@0xdoug) November 23, 2023
At the time of the hack, the attacker left a message indicating a willingness to negotiate after taking a break, but has since shown no signs of cooperating with the project.
What should we make out of this pic.twitter.com/6NnXDA5EKr
— olimpio (@OlimpioCrypto) November 23, 2023
Additionally, the crypto community discovered that the hacker sent 1,000 ETH to a wallet that had received funds from the 2020 Indexed Finance hack, suggesting a possible connection between the two incidents.
On the evening of 26/11, Kyber Network CEO Victor Trần reassured the community, pledging to support users during this challenging time.
It's been a few days since the exploit attack, and I finally have the time and bandwidth to communicate. I remain fully dedicated to doing everything in my power, alongside the team, to support efforts to bring the attackers to justice. I've been pushing @KyberNetwork since…
— Victor Tran (@vutran54) November 26, 2023
Furthermore, Kyber Network reported recovering $5.7 million by collaborating with individuals running MEV Bots on Polygon and Avalanche.
The KyberSwap team has been in contact with the owners of the frontrun bots that extracted about $5.7M* worth of funds from KyberSwap pools on Polygon and Avalanche during the exploit. We have negotiated with the owners of the frontrun bots to return 90% of the users’ funds taken…
— Kyber Network (@KyberNetwork) November 26, 2023
KNC is currently trading around $0.72, and its price has remained relatively stable despite the hack.

KNC/USDT chart captured at 10:30 AM on 27/11/2023 on Binance