KyberSwap has stated that it will continue to cooperate with law enforcement and cybersecurity experts to recover user funds and track down the perpetrators of the attack.
The KyberSwap team has recovered approximately $5.7 million after last week’s $47 million hack on KyberSwap liquidity pools on Polygon and Avalanche. The company announced that it has negotiated a return of 90% of the user funds, with the remaining 10% serving as a bounty for the hackers.
“The KyberSwap team has been in contact with the owners of the frontrun bots that extracted about $5.7M* worth of funds from KyberSwap pools on Polygon and Avalanche during the exploit. We have negotiated with the owners of the frontrun bots to return 90% of the users’ funds taken by them […] in return for a 10% bounty,” the post stated in part.
The decentralized exchange (DEX) protocol reported a cyber attack on November 23, stating that the stolen funds were linked to its Elastic Pools liquidity solution. On-chain data shows that $20.7 million was extracted from Arbitrum, $15 million from Optimism, $7 million from Ethereum, $3 million from Polygon, and $2 million from Base. The affected funds comprised various forms of Ether, stablecoins, and other tokens like Arbitrum.
The hackers exploited a vulnerability in the tick interval boundaries of Kyber’s concentrated liquidity pools. They used it to double the liquidity before draining the pools.
The platform issued a statement on social media platform X, informing users of the exploit and urging them to “promptly withdraw their funds” as it investigated the situation. Deposits were halted and KyberSwap offered a 10% bounty to the operators of the automated trading programs, known as front-run bots, used in the exploit for the return of the funds.
Onchain security specialists PeckShield noted a transaction of about 361,876 USDC on the Avalanche blockchain around 02:11 a.m. UTC on Monday that they attributed to one of the hackers returning part of the stolen funds.
#PeckShieldAlert Our community contributor has detected that one of the KyberSwap exploiters has refunded 361,876 $USDC.e on #AVAX https://t.co/EO82Pw606B pic.twitter.com/Lc5towMVCX
— PeckShieldAlert (@PeckShieldAlert) November 27, 2023
KyberSwap has stated that it will continue to cooperate with law enforcement and cybersecurity experts to recover user funds and track down the perpetrators of the attack. The team has reportedly put in place stringent security measures such as internal checks, external audits by renowned security firms, and community-driven security reviews. The goal is to not only recover as much of the funds as possible but to also shield the platform against future attacks.
The exploit comes on the heels of an attack that cost cryptocurrency trading and investment firm Kronos Research $26 million. Onchain data shows that 12,800 ETH was taken from Kronos and shared among six different wallets. The company announced that it was halting all trading operations and would initiate an investigation into the matter.
Crypto exchanges and platforms have been a target of cyber attacks for years. A report by blockchain security firm Immunefi reveals that about $3.7 billion in crypto assets was lost due to cyber attacks last year, a 58% increase from 2021’s $2.3 billion. The firm tracked 134 exploits in 2022, an increase from the 104 reported in 2021. Findings show that over 95% of the attacks were hacks while the rest were frauds and scams.
