- KyberSwap was exploited for an estimated $47M last week.
- The attacker has called for calm amid hostility from the KyberSwap team.
- Negotiations are open for a return of the funds.
Decentralized finance (DeFi) continues to stumble with harmful exploits, presenting a major hurdle obstructing its path to mainstream credibility. Barely a month goes by without some DeFi protocol falling victim to an exploit. Last week, the KyberSwap decentralized exchange (DEX) lost an estimated $47 million during a brazen flash loan attack.
The hacker perpetrated a coordinated attack across multiple blockchains, with assets drained by manipulating price ticks and swap behaviors. Adding insult to injury, the developers were taunted mid-heist as the attacker posted step-by-step explainers detailing the protocol’s vulnerabilities. In a dramatic turn of events, the attacker has since posted a new on-chain message calling for calm.
KyberSwap Attacker Wants Civility
The KyberSwap hacker recently posted another on-chain message calling for calm in response to aggressive pushback against his exploits. After suggesting a willingness to negotiate the return of the stolen assets, the hacker claims to have faced predominantly threats and hostility from the KyberSwap executive team.
Sponsored
“I said I was willing to negotiate. In return, I have received (mostly) threats, deadlines, and general unfriendliness from the executive team. That's ok, I don't mind,” wrote the KyberSwap hacker.
The on-chain message set a date for a forthcoming “statement concerning our (potential) treaty” to be released on November 30. However, the hacker threatened to delay the statement release until such time as the KyberSwap team feels “more civil” towards him.
The community’s response to the attacker’s latest message showed a general nonchalance to the seriousness of the situation. Some even expressed admiration for the attacker’s bravado. Despite this, the attacker’s actions feed into a growing crisis of confidence in DeFi security following the cumulative loss of billions.
DeFi Hacks
According to data aggregator DefiLlama, the cumulative losses to DeFi hacks total $7.54 billion. The extent of the loss is a testament to the vulnerability of DeFi ecosystems, underscoring the urgent need for developers to shore up security vulnerabilities.
However, the amount lost to DeFi hacks fell this year compared to 2022. In 2023, the total value lost to hacks in the DeFi space came in at $1.3 billion. This is a significant decrease from the previous year, where the total value lost to hacks was $3.3 billion.
On the Flipside
- Trust in DeFi security is fragile; stunts like the hacker’s on-chain messages undermine confidence further.
- The FBI recommends that DeFi protocols rigorously test code, use real-time analytics, and have a “response plan” to alert investors.
- KyberSwap execs proposed a 10% whitehat bounty for the return of stolen funds.
Why This Matters
Although the amount lost to DeFi hacks has decreased in 2023, the crypto industry continues to experience hack after hack without a coordinated, collective effort to address the problem. It is imperative that devs implement better security measures to prevent future hacks.
Learn more about the KyberSwap exploit here:
KyberSwap Attacker Taunts Protocol With Step-By-Step Guide
Find out why this Singapore regulator believes cryptocurrency is finished:
MAS Director: Bitcoin and Private Cryptos Have Failed
