KyberSwap hackers have shown willingness to negotiate after exploiting the decentralized exchange for approximately $45 million, according to on-chain messages.
The attackers publicly messaged KyberSwap, saying negotiations would begin soon after a suitable “rest”.
“Dear Kyberswap developers, staff, DAO members and LPs, Negotiations will begin in a few hours after I have fully rested. thank you.”
hacking
Kyber Network confirmed in a statement on November 23 that its flagship decentralized exchange product, KyberSwap, had been abused for an undisclosed amount.
“As a precautionary measure, we strongly advise all users to withdraw their funds immediately. Our team is diligently investigating the situation and is committed to keeping you informed through regular updates,” Kyber Network wrote.
However, blockchain security company Cybers Alerts estimated The theft amounted to approximately $45 million across various chains, including $20 million from Arbitrum, $15 million from Optimism, $7.5 million from Ethereum, $2 million from Polygon, and $315,000 from Base.
The company added that the attackers received funding from Tornado Cash, a virtual cryptocurrency mixer.
Cause of attack?
The cause of the hack is not yet known, but Cinneamhain Ventures partner Adam Cochran suggested the attack was “flash lending and some sort of math/rounding issue.” He added:
“Each (transaction) starts with an incoming Ethereum balance, followed by a cycle of issuance/redemption/swap.”
Doug Colkitt, founder of decentralized trading protocol Ambient Finance, described the hack as “the most complex and carefully designed smart contract attack we have ever seen.”
Colkitt said in an extensive post on the social media platform explained:
“The first thing to note is that this attack is specific to Kyber’s concentrated liquidity implementation. There is no reason to believe that reputable concentrated liquidity indices such as Ambient or Uniswap are at risk from this exploit. (The Kyber fork obviously does.)”
Meanwhile, the theft had a major impact on the total value of assets locked in KyberSwap, plummeting from $84.9 million to about $13.61 million, according to Defillama data.
Additionally, Kyber Network’s native token, KNC, fell more than 2% during the reporting period, falling to $0.72525 at press time CryptoSlate’s data.