KyberSwap Hacked, Suffering $47 Million Losses
KyberSwap Hacked, Suffering $47 Million Losses
Update on 27/11/2023:
The Kyber Network team has officially confirmed that the total financial loss from the KyberSwap hack amounts to $54.7 million. They stated that the hacker employed highly sophisticated methods, indicating thorough preparation.
1/ We've overcome many challenges since our 2017 inception, but by far these last 2 days have been the most difficult. At the core of our mission is a commitment to security, making this recent event a heavy burden on our hearts. We’d like to be transparent about what happened.
— Kyber Network (@KyberNetwork) November 24, 2023
Additionally, Kyber Network has managed to recover $5.7 million through cooperation with MEV Bot operators on Polygon and Avalanche chains.
The KyberSwap team has been in contact with the owners of the frontrun bots that extracted about $5.7M* worth of funds from KyberSwap pools on Polygon and Avalanche during the exploit.
— Kyber Network (@KyberNetwork) November 26, 2023
We have negotiated with the owners of the frontrun bots to return 90% of the users’ funds taken…
Regarding negotiations with the hacker, KyberSwap has offered a 10% bug bounty for returning 90% of the stolen assets but has yet to receive a response.
Original Article:
In the early hours of November 23, the crypto community on X (Twitter) was abuzz with news of the latest DeFi attack, this time targeting the DEX KyberSwap.
The attack exploited KyberSwap's Elastic liquidity pools, resulting in an estimated $47 million theft. The hacker stole assets across multiple blockchains supported by KyberSwap, including Ethereum, Arbitrum, Optimism, Base, and Polygon.
0xc9b826bad20872eb29f9b1d8af4befe8460b50c6 is where the funds are going
— Spreek (@spreekaway) November 22, 2023
A significant portion of the stolen funds was in the form of liquidity-locked tokens and liquid staking ETH, as noted by Hsaka.
kyber exploiter wallet
— Hsaka (@HsakaTrades) November 22, 2023
you look at all the various wrappers, prefixes, suffixes of the same token, ETH, and realize, yeah, eventually all this is going to have to be abstracted for the common user pic.twitter.com/Hvcjq54zxy
Interestingly, the hacker seemingly overlooked a pool on the Scroll chain, which still contained $5 million worth of assets.
Hey all, we are investigating a potential issue with the Kyber deployment on Scroll based on the following tweet.
— Scroll 📜 (@Scroll_ZKP) November 22, 2023
We don't know yet what is happening but we recommend everyone to be highly cautious and be aware of a potential compromise of @kybernetwork. https://t.co/WXiKHz4YnS
Preliminary analyses indicate that only KyberSwap's liquidity pools were targeted via flash loan exploits. Thus, users do not need to revoke previously granted access permissions.
Kyber Network later confirmed the incident and advised users to withdraw their funds as a precautionary measure against potential vulnerabilities.
🚨Urgent🚨
— Kyber Network (@KyberNetwork) November 22, 2023
Dear KyberSwap Elastic Users,
We regret to inform you that KyberSwap Elastic has experienced a security incident.
As a precautionary measure, we strongly advise all users to promptly withdraw their funds. Our team is diligently investigating the situation, and we…
According to DefiLlama, the TVL of Kyber's DeFi products dropped from $86 million to $27 million as users hurried to withdraw their funds.
TVL of KyberSwap as of 23/11/2023 - Source: DefiLlama
The hacker exhibited a brazen attitude, not only executing the transactions but also leaving instructions detailing their actions.
hacker takes you step by step through the process lmao https://t.co/eboTav2Voo pic.twitter.com/kynwt3rTO0
— Fozzy (@fozzydiablo) November 22, 2023
Moreover, the hacker sent a message to the Kyber team, expressing willingness to negotiate a return of the funds but stating that they needed to rest first.
Hacker reaches out with a message pic.twitter.com/KTwoMOzzKT
— Spreek (@spreekaway) November 23, 2023
The price of Kyber Network's KNC token has been volatile following news of the hack.
15-minute chart of KNC/USDT on Binance as of 07:55 AM on 23/11/2023
In summary, KyberSwap is facing significant challenges following a major security breach, with efforts underway to recover the stolen funds and secure their platform against future attacks.
