Cointime

Download App
iOS & Android

KyberSwap

ALL From KyberSwap

KyberSwap attacker has transferred approximately 2460 ETH to a new address

PeckShield monitoring shows that the KyberSwap attacker marked address 0xf255...ffc93 has transferred about 2460 ETH (valued at about $9.9 million) to a new address 0xDb14...ACA8.

KyberSwap attacker has transferred 46.4 ETH to Tornado Cash

Cyvers Alerts posted on social media X that the KyberSwap attacker has transferred 46.4 ETH worth $170,000 to Tornado Cash.

KyberSwap: An updated version of the UI has been released, and users can now query the category of the affected assets.

According to official sources, KyberSwap: has released an updated UI and opened a page for querying affected assets, which reflects the category to which the affected assets belong.

KyberSwap attacker transferred 231.8WETH and 217,300 WMATIC to other addresses

PeckShield monitoring shows that the address marked as the KyberSwap attacker transferred 231.8 WETH (worth $535,800) and 217,300 WMATIC (worth about $183,000) in two transactions to 0xa423...58c6.

Kyber Network: Plans to provide compensation to users through KyberSwap Treasury

Kyber Network announced on the X platform that it plans to provide compensation to users through the KyberSwap Treasury, with a maximum amount equivalent to the stolen funds. Earlier, KyberSwap stated: "On November 22, 2023, at 10:54 pm UTC, an attacker used a series of complex operations of the KyberSwap Elastic smart contract for exploitative exchanges, resulting in user funds being extracted to the attacker's wallet. Approximately $54.7 million of user funds were used by the attacker."

KyberSwap hackers promise to release statement on "Treaty" on November 30

Hacker who stole $47 million from the decentralized trading protocol KyberSwap last week has promised to release a statement later this week regarding potential transactions with the victims. The attacker encoded a message into an Ethereum transaction on the evening of November 28th, promising to release a statement about the "contract" on November 30th. The attacker stated, "I said I was willing to negotiate and in return, I received (mostly) threats, ultimatums, and general unfriendliness from the execution team. It's okay, I don't mind. Assuming I am treated with further hostility, we can reschedule for a later date when we are both feeling more civilized. All you need to do is say one word, if not, we will proceed as planned on November 30th."
KyberSwap hackers promise to release statement on "Treaty" on November 30

PeckShield: KyberSwap attacker has refunded 361,876 USDC.e on AVAX

PeckShield monitoring shows that a KyberSwap attacker has returned 361,876 USDC.e on AVAX, as detected by community contributors.

Kyber Network: Funds currently worth approximately $4.67 million have been returned to KyberSwap deployer addresses on Polygon

Kyber Network posted on social media that the KyberSwap team has contacted the owner of the frontrun bot, which extracted approximately $5.7 million worth of funds from the KyberSwap liquidity pools on Polygon and Avalanche during this vulnerability. We have negotiated with the owner of the frontrun bot to return 90% of the user funds it occupied to address 0x8180 in exchange for a 10% reward. So far, approximately $4.67 million worth of funds have been returned to the KyberSwap deployer address on Polygon through these transactions. After recovering user funds from the frontrun bot, we will continue to support law enforcement and cybersecurity agencies in tracking down and recovering user funds from the vulnerability attackers.
Kyber Network: Funds currently worth approximately $4.67 million have been returned to KyberSwap deployer addresses on Polygon

CertiK: KyberSwap vulnerability exists in the implementation of Elastic's computeSwapStep() function

CertiK posted on social media that the vulnerability in the KyberSwap attack exists in the implementation of the computeSwapStep() function in KyberSwap Elastic. This function calculates the actual exchange input/output amounts to be deducted or added, the exchange fee to be charged, and the resulting sqrtP. The function first calls the calcReachAmount() function, which concludes that the attacker's slippage will not cross the scale line, but incorrectly generates a slightly larger price than the targetSqrtP calculated by calling "calcFinalPrice". Therefore, liquidity was not removed, resulting in the attack. The attacker performed precise calculation operations on the liquidity pool within the empty scale range, using cross-exchange liquidity counts to deplete many KyberSwap pools containing low liquidity.

KyberSwap announces: Hackers can reserve 10% of stolen funds as a bounty, and the rest will be returned within a limited time

KyberSwap team has released negotiation information on the chain to hackers, stating that they can allow hackers to keep 10% of the stolen funds as a reward in order to safely return all users' funds. KyberSwap stated that they know how the hacker carried out the attack and have given the hacker until 2:00 pm on November 25th Beijing time to return 90% of the stolen funds to the address starting with 0x8180. Otherwise, the hacker's information will continue to be pursued.