The disclosure of information in a news article by the Coinmooner team concerns a cyberattack on the decentralized exchange KyberSwap, resulting in an approximate loss of $50 million.
KyberSwap, a leading decentralized exchange aggregator (DEX) that facilitates token trading and earning, is a key product of Kyber Network. Currently, the project is facing a serious security incident affecting not only them but also several major networks, including Orbitrum, Ethereum, and Polygon. Blockchain analysts believe that a potential hacker breach has occurred, resulting in estimated losses of around $50 million as of November 23, 2023. The attack specifically targeted the liquidity of Elastic pools, leading to a significant depletion of KyberSwap's liquidity.
Analysis conducted by various sources online reveals the details of a recent incident. According to data provided by Debank, approximately $46 million was confirmed to be lost in the aftermath of this attack. Among the affected assets, about $20 million was in the form of Wrapped Ether (wETH), $7 million in staked Ether on the Lido platform (wstETH), and $4 million in Arbitrum (ARB). Blockchain experts, including representatives from Spreek, also flagged suspicious transactions, emphasizing the gravity of the situation on social media.
A theft of $20 million occurred on the Arbitrum platform, followed by an attack on Optimism for $15 million, $7.5 million on Ethereum Mainnet, $2 million on Polygon, and $315,000 on Base. All stolen funds were traced back to a single address.
KyberSwap representatives report that their team is currently conducting a thorough investigation and strongly advise users to withdraw their funds from the platform immediately. Additionally, upon entering the KyberSwap website, an automatic warning about potential threats is displayed. On the Kyber Network portal, there is also a warning provided before visiting, covering potential risks such as fake versions of MetaMask, the threat of recovery phrase compromise or password theft, and malicious transactions aimed at asset theft. These warnings are provided by Ethereum Phishing Detector and PhishFort.
Unlike many hacking incidents caused by permission issues, this attack directly impacted the total value locked (TVL) in Kyber's pools. In a surprising turn of events, the hacker left a message on the blockchain addressed to KyberSwap developers. The message hinted at possible negotiations and ended with a sarcastic question about the weather in Ontario.
Data from DeFiLlama confirms that the overall value of locked funds on KyberSwap (TVL) has dropped to $8.42 million, a significant decrease compared to the approximately $81 million TVL before the attack.
The Coinmooner team strongly advises all KyberSwap users to follow their instructions posted on their Twitter account and website. It is highly recommended to withdraw your tokens immediately for the safety of your investments. Additionally, exercise caution and avoid trusting unverified sources!