Share this article
Tech
KyberSwap DEX Hacked for $48 Million, Attacker Teases Negotiations
The decentralized exchange had over $80 million in total value locked before the incident.
Updated Mar 9, 2024, 5:43 a.m. Published Nov 23, 2023, 2:20 a.m.
Decentralized exchange (DEX) KyberSwap has been attacked for nearly $50 million, and administrators are advising users to withdraw all funds as a precautionary measure as the exploiter says negotiations will soon commence.
On-chain data shows that the attacker is stealing funds mostly in Ether, wrapped ether (wETH) and USDC. The attacker has also hit multiple cross-chain deployments of KyberSwap, taking over $20 million on Arbitrum, $15 million from Optimism and $7 million from Ethereum.
On-chain sleuths have ruled out this being related to a bug in the DEX's approval authorization code, and suggest that the theft is a directed attack against the liquidity provider pools themselves.
The attacker has teased that "negotiations will start in a few hours when I am fully rested." The attacker also asked, "how is Ontario this time of year".
Hackers teasing their victims via signing transactions with strings of text is an increasingly common trend with decentralized finance exploits.
The DEX currently has $22.23 million in total value locked (TVL) according to DeFiLlama, down from approximately $80 million before the attack.
Sam Reynolds
Sam Reynolds is a senior reporter based in Taipei. Sam was part of the CoinDesk team that won the 2023 Gerald Loeb award in the breaking news category for coverage of FTX's collapse. Prior to CoinDesk, he was a reporter with Blockworks and a semiconductor analyst with IDC.
