Share this article
Finance
KyberSwap Offers 10% Bounty to Attacker Who Made Off With $50M
The attacker had said negotiations would start when they are "fully rested," and hasn't been heard from since.
Updated Mar 8, 2024, 5:33 p.m. Published Nov 24, 2023, 9:06 a.m.
The decentralized autonomous organization (DAO) running the KyberSwap decentralized exchange (DEX) reached out to the attacker who walked off with $50 million on Nov. 22 with a message: We want to negotiate.
The attack targeted KyberSwap's liquidity pools (LPs). The DEX, which had a total value locked (TVL) of around $80 million before the attack, now just has $7.78 million.
"You have done one of the most sophisticated hacks ser. That was high EV, and everyone missed it," the DAO wrote via a message from a contract deployer wallet, using an initialism for expected value. "On the table is a bounty equivalent to 10% of users' funds taken from them by your hack, for the safe return of all of the users' funds."
KyberSwap gave the attacker a deadline of Nov. 25, 06:00 UTC, to return the funds.
Hackers teasing their victims via signing transactions with strings of text is an increasingly common trend with decentralized finance exploits. It is also a way for protocol teams to negotiate with their attackers.
There has been over $290 million lost in DeFi hacks this month, and around $1.2 billion so far this year, according to DefiLlama.
Sam Reynolds
Sam Reynolds is a senior reporter based in Taipei. Sam was part of the CoinDesk team that won the 2023 Gerald Loeb award in the breaking news category for coverage of FTX's collapse. Prior to CoinDesk, he was a reporter with Blockworks and a semiconductor analyst with IDC.
