The decentralized broker KyberSwap is the latest victim of hackers – the platform lost about $50 million in various cryptocurrencies on Wednesday evening (22) and asked its users to withdraw funds as soon as possible.
The first reports that the exchange was under attack came from users themselves on Twitter, with community members alerting the Kyber team to a possible exploit.
When the first reports arrived, hackers had already stolen more than $48 million worth of cryptocurrencies from various networks, including Polygon, Base and Arbitrum.
Minutes later, the platform acknowledged the hack and posted a warning on Twitter asking users to withdraw their cryptocurrencies “immediately” and revoke wallet permissions.
“As a precaution, we strongly advise all users to withdraw their funds immediately. Our team is closely investigating the situation and we are doing everything we can to keep you informed with updates.”, he said KyberSwap.
After the announcement, users rushed to KyberSwap to try to secure their cryptocurrencies, but the protocol was worth more than $84 million before the attack, since then the value has dropped to $13 million, meaning a number of users have lost money.
🚨Urgent🚨
Dear KyberSwap Elastic users,
We regret to inform you that KyberSwap Elastic has experienced a security incident.As a precaution, we strongly advise all users to withdraw their funds immediately. Our team is closely investigating the situation and we…
— Kyber Network (@KyberNetwork) November 22, 2023
Decentralized broker loses R$245 million in cryptocurrencies
Although the cause of the attack has not yet been revealed by the team of KyberSwapSecurity experts suggest that the platform suffered an exploit involving the liquidity pools.
The cybersecurity company reports this BlockSec, the protocol was exploited due to tick manipulation and double counting in liquidity. In short, the attackers provided instant loans (payday loans) and depleted pools with low liquidity.
“By executing swaps and changing positions, they manipulated the current prices and ticks of the victim pools. Ultimately, the attacker triggered multiple swap steps and cross-tick operations, resulting in double counting of liquidity and consequently depleting the pools.”
.@KyberSwap was exploited due to tick manipulation and duplicate liquidity counts.
In summary, the attackers borrowed a flash loan and emptied the pools with low liquidity. By executing swaps and changing positions, they manipulated the victims’ current prices and ticks… https://t.co/wNGORP4CsT pic.twitter.com/lIQYe5SHi7—BlockSec (@BlockSecTeam) November 23, 2023
Security analysts have reported losses in several cryptocurrencies, including $7.5 million on Kyber Mainnet, $315,000 on Base, $15 million on Optimism, $2 million on Polygon and another $20 million on Arbitrum.
Shortly after the attack, hackers left a message for Kyber developers, stating that they will soon begin negotiations with the project team.
“Dear KyberSwap developers, employees, DAO members and partners, trading will start in a few hours, when I am fully rested. Thank you”.
Message from the @KyberNetwork hacker. pic.twitter.com/IvyT0GfHes
— Officer’s Notes (@officer_cia) November 23, 2023
Although the incident affected the value of the exchange’s native currency, KNC, users ultimately seem to trust that the hacker will return the money, with the digital currency showing signs of recovery.
At the time of writing, KNC is trading at $0.72, up 2% in the last 24 hours.
Source: Live Coins
Barry Siefert is an accomplished journalist and author at The Nation View. He is known for his expertise in the field of cryptocurrency, and has written extensively on the topic. With a background in finance and economics, Barry has a deep understanding of the underlying technology and market forces that drive the crypto industry.