YEREVAN (CoinChapter.com) — On Nov 23, an unidentified hacker stole more than $45 million from the decentralized exchange KyberSwap. He then contacted the team, saying the negotiations would start when they were “well rested.” But before addressing the hilarious fatigue claim, let’s take a closer look at the KyberSwap hack and the damage it did.
KyberSwap Hack Was a Multi-chain Affair
The breach affected multiple cross-chain deployments of KyberSwap, including over $20 million on Arbitrum, $15 million from Optimism, and $7 million from Ethereum. The funds stolen primarily included Ether (ETH), Wrapped Ether (wETH), and USDC.
Following the incident, Kyber Network, the team behind KyberSwap, alerted users of a security breach on KyberSwap Elastic and advised them to withdraw their funds as a precaution. This attack was not related to a bug in the DEX‘s approval authorization code but rather a directed attack against the liquidity provider pools.
Blockchain sleuths investigating the incident identified the involved wallets shortly after the KyberSwap hack. Notably, the hacker also left a message on-chain, indicating an intention to start negotiations. But they were apparently tired and needed some rest.
The Exchange’s TVL Floored
The incident significantly impacted KyberSwap’s total value locked (TVL), causing it to drop by nearly 87% within a few hours. As a result, users withdrew nearly $73 million from the protocol, a significant decrease from the peak of $87 million.
The KyberSwap hack left the exchange’s TVL at approximately $14 million as of 06:00 UTC on Nov 23, according to crypto tracker DeFiLlama.
Kyber Network Crystal (KNC) token also lost more than 5% in value immediately after the incident, currently trading at about $0.72.
Meanwhile, the latest KyberSwap hack is not the only incident to drop the exchange’s TVL in 2023. In April 2023, Kyber Network announced a “potential vulnerability” on its automated market maker (AMM) platform, KyberSwap Elastic.
This issue occurred after a user encountered an error while withdrawing single-sided liquidity from the platform. In response, the Kyber team temporarily took all of KyberSwap Elastic’s liquidity pools offline to address the vulnerability and reassured participants that no user funds were lost.
It’s important to note that this incident in April was related to a potential vulnerability and not a confirmed hack like the one on Nov 23.