KyberSwap hacker bridges $2.5M in stolen funds to Ethereum

The KyberSwap Hacker Strikes Again: Millions in Crypto Stolen and Transferred Across Blockchains

The cybercriminal responsible for the attack on the decentralized exchange (DEX) KyberSwap has been spotted moving large sums of digital assets between different blockchains.

Blockchain analysis company PeckShield recently revealed that the hacker had transferred 798.8 Ether (ETH), worth approximately $2.5 million, from Arbitrum to the Ethereum network.

In addition to the stolen ETH, the attacker also moved almost $1 million in stablecoins, with $826,500 in DAI being transferred to another wallet.

The KyberSwap hack, which took place on November 23, 2023, was one of the biggest crypto hacks of the year. The DEX informed its users of a “security incident” and advised them to withdraw their funds. Initially, it was estimated that $46 million had been stolen, but further investigations revealed that the total amount lost was closer to $49 million.

The Hacker’s Demands and KyberSwap’s Response

After conducting a successful exploit, the hacker left a message on the blockchain for the KyberSwap team, indicating that negotiations would only commence when he was “fully rested.” In response, the team offered a substantial bounty of $4.6 million in exchange for the return of 90% of the stolen funds.

However, the negotiations took a turn for the worse as the hacker became dissatisfied with KyberSwap’s tactics. On November 29, the hacker threatened to prolong the negotiations if the team continued to pursue legal action and displayed hostility towards him.

Surprisingly, the hacker then demanded complete control over KyberSwap and all of its assets, including temporary ownership of KyberDAO, which serves as the governing mechanism for Kyber. The hacker gave the company until December 10 to decide or risk losing the opportunity for a treaty.

In response to these demands, the KyberSwap team decided to launch treasury grants for the victims of the hack. On December 2, they announced that they would provide grants to those who lost funds in the exploit and have not yet been recovered. The company itself also suffered greatly from the hack, resulting in a 50% reduction in their workforce just a month after the incident.

Categorized in:

Tagged in: