The Battle Between KyberSwap and "Talkative" Attacker: A $48 Million Grudge?

KyberSwap faced a significant setback on November 23 when approximately US$48 million, was transferred across various chains on the platform. In an unexpected twist, the attacker attempted to engage in a "conversation" with the KyberSwap community. Intrigued? Keep reading to learn more about this noteworthy incident.

Quick Intro of KyberSwap - Kyber Network's Main Product

Established in 2017 by Loi Luu, Victor Tran, and Yaron Velner, Kyber Network is a decentralized exchange system on the Ethereum platform, facilitating immediate on-chain transactions with assured liquidity that is based in Singapore.

KyberSwap, their flagship product, is a cross-chain decentralized exchange and aggregator, operating on 15 different chains. While KyberSwap has encountered security challenges before, the most recent incident stands out as a more "interactive" experience.

The Start of the Hacking Incident

On the morning of 23 November 2023, a user named Spreek shared on platform X that there was an abrupt transfer of funds from protocol-associated wallets into a single wallet. It turns out an attacker has drained around US$48.8 million of users' funds from KyberSwap Elastic liquidity pools overnight.

Source: X

In a swift response to the security breach, Kyber Network promptly issued an announcement advising all users to withdraw their funds from KyberSwap Elastic. Subsequently, the total value locked (TVL) in KyberSwap experienced a significant drop within hours. As of the time this article was published, it plummeted to US$7.17 million, which is a huge gap from its peak of US$134 million.

The Aftermath / "Ongoingmath" of The Security Breach

The most affected assets included Arbitrum (ARB), Optimism (OP), and Ethereum (ETH). Notably, more than US$20 million was lost in Arbitrum, followed by US$16.13 million in Optimism, and US$8.8 million in Ethereum.

Source: TVL data from defillama.com

Here's when the interesting part comes in. In a surprising turn of events, the attacker, identified as "KyberSwap Exploiter 1," commented after the incident, stating negotiations would begin after they get a full rest.

However, the community was understandably upset with the attack, and moving forward, the attacker mentioned a potential treaty to be announced on November 30 at noon UTC.

On November 30, an individual identifying as the "Kyber Director" announced his piece. What sets this apart from typical attacks is the fact that the attacker has several demands. Kyber Network has some time until December 10 to respond to this proposal, and the hacker can be reached on Telegram via @Kyber_Director.

The complete "treaty" that the attacker delivered

How Kyber Network Responds to the Hacker's Offer

As of December 2, Kyber Network has deployed multiple strategies and actively trying to retrieve or safeguard user assets. These include:

• Offers financial assistance to users who suffered losses in the exploit and have not yet recovered with KyberSwap Treasury

• A bounty has been established and funded to identify the hacker.

• Received the return of nearly US$4.67 million to KyberSwap’s digital wallet using front-run bots (Note: A KyberSwap attacker also contributed to this return amount)

Right now, everyone is paying attention to Kyber Network and the mysterious hacker. We're waiting to see what happens in the next few days. This attack also taught everyone a lesson: taking steps to prevent future attacks is more important than ever. These attacks don't just result in financial losses for the company and users; they also affect trust. So, being proactive about security is key, and it can start with you.

Take Charge of The Safety of Your Own Assets

You can do your own homework to protect your assets in your hands, and here are some simple tips to help you avoid crypto hacks, fraud, or scams:

Choose a Cold Wallet for Optimal Security: Opt for a cold wallet to keep your cryptocurrency safe. Although the idea of putting your assets on the blockchain might be tempting, using cold wallets significantly lowers the risk of falling victim to security breaches.

Proactively Manage Software Security: Keeping your software up-to-date is one of the best ways to prevent hackers from exploiting vulnerabilities in outdated software. Regularly update your wallets, exchange platforms, and other crypto-related applications to ensure you benefit from the latest security patches.

Be Selective with Your Cryptocurrency Exchange: Reduce the risk of compromising your assets by choosing your cryptocurrency exchange wisely. Opt for an exchange with a solid proof-of-reserve and a good security track record.

At Bitget, we prioritize our users' safety and implement top-notch security measures. We are honoured to be entrusted with an increasing amount of users’ funds and have been working relentlessly to improve our security system day by day. And never forget that there’ll always be the Bitget Protection Fund as the safety net to catch us all - should any undesirable situation arise.

Disclaimer: The opinions expressed in this article are for informational purposes only. This article does not constitute an endorsement of any of the products and services discussed or investment, financial, or trading advice. Qualified professionals should be consulted prior to making financial decisions.