The decentralized finance sector suffered a major setback in November 2023 when DeFi protocol KyberSwap suffered a massive hack. The aftermath of this security breach had far-reaching consequences, including a drastic decline in the platform’s workforce and impacted support efforts. user.
On November 22, 2023, KyberSwap experienced a serious security exploit, resulting in approximately $48.8 million in losses from its Elastic liquidity pool. Dubbed the KyberSwap Elastic exploit, the incident occurred at 10:54:09 PM UTC, marking a significant moment for the DeFi landscape. Hackers exploited vulnerabilities in KyberSwap’s Elastic protocol, leading to unauthorized and exploitable swaps.
In response to this financial hit, Kyber Network CEO Victor Tran announced the unfortunate but necessary decision to reduce its workforce by 50%. The move aims to keep the company’s business operations sustainable despite the financial losses incurred. Despite the difficult decision, Kyber Network emphasizes that its core business functionality, including KyberSwap’s Aggregator and Limit Order capabilities, remains intact. However, some plans, such as Liquidity Protocol and KyberAI projects, have been temporarily halted.
Kyber Network has launched a financial grant program to support users affected by the hack. The program, which launched on December 20, 2023, plans to distribute refunds in US dollar stablecoins by February 1, 2024. Affected users must register for this refund between January 11 and January 23, 2024. The total baseline value of the losses amounts to nearly $49 million, but users will only receive 60% of this value, reflecting the financial constraints faced by the platform. In the aftermath of the first exploit, an additional $6.6 million was stolen from the lead bot.
In a series of events, the Kyber team attempted to negotiate a bounty deal with the hackers. But the hackers’ demands were extreme. He sought complete control of Kyber Network, including all assets and its governance mechanism, KyberDAO. The Kyber team was not pleased with the hacker’s intention to buy the company at fair value.
DeFi expert Doug Colkitt characterized the exploit as an “infinite money flaw,” a complex and carefully designed smart contract exploit that spanned multiple networks implementing KyberSwap pools. Affected networks include Avalanche; polygonEthereum and layer 2 networks such as Arbitrum, Optimism, and Base.
In summary, KyberSwap’s proactive actions to address the aftermath of the hack, including workforce reductions and compensation plans for affected users, demonstrate the challenges and resilience inherent in the DeFi sector. This incident highlights the importance of robust security measures and the need for constant vigilance in the evolving decentralized finance environment.
Image source: Shutterstock