The perpetrator behind the recent attack on KyberSwap, a decentralized exchange (DEX), has been observed transferring significant sums of digital assets across blockchain networks. Blockchain analytics firm PeckShield recently detected movements from the wallet associated with the KyberSwap attacker. According to the data, approximately 798.8 Ether (ETH), valued at nearly $2.5 million, was bridged from Arbitrum to the Ethereum network.
In addition to the Ether, the hacker also moved nearly one million dollars’ worth of stablecoins. Specifically, $826,500 in Dai (DAI) stablecoin was transferred from the exploiter’s wallet to another address. This incident follows the notable KyberSwap hack of 2023, which was one of the largest in the industry at the time. The DEX disclosed a security breach on Nov. 23, prompting users to withdraw their assets. Initially estimated at $46 million, the total losses from the exploit later surpassed $49 million.
During the initial aftermath of the attack, the hacker left a message for the KyberSwap team, suggesting negotiations would commence at a later time. Responding to the situation, KyberSwap offered a bounty of $4.6 million in exchange for the return of 90% of the stolen funds. However, negotiations took an unexpected turn when the hacker demanded complete control over the company and its assets. This included temporary ownership of KyberDAO, the governance mechanism for Kyber, and all associated documents.
Facing these demands, KyberSwap opted to launch treasury grants to assist victims of the hack. On Dec. 2, 2023, the team announced grants for individuals who suffered losses and whose funds were not recovered. The incident also had severe implications for the company itself, leading to a significant reduction in its workforce a month later. This latest development underscores the ongoing challenges faced by platforms operating in the decentralized finance (DeFi) space. Security remains a top concern as hackers continue to exploit vulnerabilities within these systems, highlighting the need for robust security measures and proactive responses from industry participants.