KyberSwap, a decentralized exchange (DEX) running on the Ethereum blockchain, was hacked on November 22, losing about $50 million worth of crypto assets from its liquidity pools. The hacker exploited a vulnerability in the DEX’s smart contract that allowed them to create an “infinite money glitch” and drain the funds.
In what has become a common practice in these situations, the KyberSwap team has offered a 10% bounty to the hacker, equivalent to $5 million, if they return the remaining 90% of the stolen funds to a specified address by November 25. The team has also provided an email address for the hacker to contact them privately if they wish to negotiate anonymously.
The Hacker Has Yet to Respond to KyberSwap’s Offer
The bounty offer was communicated through a message on the Ethereum blockchain, sent to the hacker’s wallet address. The message acknowledged the sophistication of the hack and proposed a unique resolution that would benefit both parties and the affected users.
The hacker has not yet responded to the bounty offer and has been inactive since November 22. The last message they sent on the blockchain stated that they were resting and would start negotiations later. The KyberSwap hack has been described as “the most complex and carefully engineered smart contract exploit” ever seen by some experts.
The hacker took advantage of KyberSwap’s unique liquidity implementation, which allowed them to trick the contract into thinking it had more liquidity than it actually had. The hacker then swapped the inflated liquidity for other tokens and withdrew them from the DEX.
The hack has reduced KyberSwap’s total value locked (TVL) from about $80 million to less than $8 million. The DEX has temporarily paused all operations and is working on a security audit and a compensation plan for the affected users.
KyberSwap is a DEX that allows users to swap tokens without intermediaries, using a network of liquidity providers. It is governed by a decentralized autonomous organization (DAO), which oversees the protocol’s development and governance. KyberSwap is one of the oldest and most popular DEXes on Ethereum, with over $1 billion in trading volume in the past year.