Kyberswap Hacked for Nearly $50 Million

Reading Time: 2 minutes
  • Decentralized exchange KyberSwap has lost close to $50 million in a hack
  • The exchange has requested users to withdraw funds to avoid further losses
  • The hacker has alluded to a possible return of some or all of the funds

Decentralized exchange KyberSwap has asked users to withdraw funds to avoid further losses after the platform lost nearly $50 million in a hack. The platform said that it’s investigating the “security incident” with some blockchain sleuths noting that the attacker targeted recently active wallets. The attacker has indicated that he’s ready for negotiations once he’s “fully rested,” a sign that he may be open for a bounty reward in return for a section of the funds, a move that has been common with hackers in the web3 space.

Kyber’s TVL Drops to $22 Million

According to blockchain investigators, the amount stolen consisted of different cryptos and wrapped tokens like Wrapped Ether (wETH) and Arbitrum (ARB).

Some on-chain sleuths have speculated that the exploit targeted funds locked in the platform’s pools, adding that it wasn’t related to Kyber users approving malicious smart contracts.

Data from DefiLlama indicated that the exploit saw users withdraw funds from the platform causing its total value locked (TVL) to shrink by close to 70%. Kyber’s TVL stands at $22 million down from around $80 million a few days ago. The protocol’s token, KNC, also lost 7% in value due to the hack.

Kyber Network clarified that the incident only affected KyberSwap Elastic Users and that “KyberSwap’s aggregator is not impacted and is operating fully.”

In April, the protocol disclosed that it had “identified a potential vulnerability” but said that no funds were lost.

Previous Hackers Unmasked

The hack comes a year after the platform lost $265,000 in an incident that exploited the protocol’s Google Tag Manager. 

At the time, the now ex-Binance CEO Changpeng Zhao said that they identified the malicious actors and shared their details with the Kyber team and law enforcement agencies.

With the attacker expressing willingness to negotiate with the Kyber team, it’s to be seen whether the Kyber team is open to such negotiations.