The decentralized exchange KyberSwap has offered a 10% bounty reward to the hacker who stole $46 million on Nov. 22 and left a note of negotiation. The exchange wants 90% of the loot returned by 6am UTC on Nov.25.
On Nov. 23, KyberSwap alerted users that its liquidity solution, KyberSwap Elastic, was compromised and advised them to withdraw funds. In the meantime, on Nov. 22, the hacker made away with roughly $20 million in Wrapped Ether (wETH), $7 million in wrapped Lido-staked Ether (wstETH) and $4 million in Arbitrum (ARB). The hacker then siphoned the loot across multiple chains, including Arbitrum, Optimism, Ethereum, Polygon and Base.
After hiding the stolen funds, the hacker wrote an on-chain message directed to KbyerSwap Developers, Employees, DAO members and LPs, stating, “Negotiations will start in a few hours when I am fully rested.”
Following a day’s silence from both ends, KyberSwap responded to the hacker requesting the return of 90% of the stolen funds. The team acknowledged the skills of the hacker and laid down an offer:
“On the table is a bounty equivalent to 10% of users’ funds taken from them by your hack, for the safe return of all of the users’ funds. But we both know how this works, so lets cut to the chase so you and these users can all get on with life.”
If the hacker fails to pay back or respond to KyberSwap by 6am UTC, Nov. 25, “you stay on the run,” said KyberSwap. The team is open to further discussion with the hacker via email.
Related: KyberSwap announces potential vulnerability, tells LPs to withdraw ASAP
A dissection of the recent KyberSwap hack by a decentralized finance (DeFi) expert suggests that the attacker used an ‘infinite money glitch’ to drain funds.
Ambient exchange founder Doug Colkitt explained the KyberSwap attacker relied on a “complex and carefully engineered smart contract exploit” to carry out the attack.
1/ Finished a preliminary deep dive into the Kyber exploit, and think I now have a pretty good understanding of what happened.
This is easily the most complex and carefully engineered smart contract exploit I’ve ever seen…
— Doug Colkitt (@0xdoug) November 23, 2023
The attacker then repeated this exploit against other Kyberswap pools on multiple networks, eventually getting away with $46 million in crypto loot.
Magazine: This is your brain on crypto: Substance abuse grows among crypto traders
Read More: cointelegraph.com
Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Dogecoin 
Toncoin 
Cardano 
Shiba Inu 
Avalanche 
TRON 
Polkadot 
Wrapped Bitcoin 
Bitcoin Cash 
Chainlink 
Polygon 
NEAR Protocol 
Internet Computer 
Litecoin 
LEO Token 
Uniswap 
Dai 
First Digital USD 
Aptos 
Ethereum Classic 
Hedera 
Cronos 
Cosmos Hub 
Filecoin 
Mantle 
Stellar 
Pepe 
Immutable 
Stacks 
Render 
XT.com 
OKB 
Renzo Restaked ETH 
Optimism 
Arbitrum 
dogwifhat 
Bittensor 
Sui 
Wrapped eETH 
VeChain 
Maker 
Kaspa