The hacker responsible for the attack on decentralized exchange KyberSwap has transferred $2.5 million in stolen funds from Arbitrum to Ethereum. The move was detected by blockchain analytics firm PeckShield, which also noted the transfer of nearly $1 million in stablecoins.
Exploit and Aftermath
The KyberSwap hack, one of the largest in 2023, occurred on Nov. 23, resulting in the loss of around $49 million in digital assets. Following the attack, the hacker left an on-chain message indicating willingness to negotiate, which led to an offer from KyberSwap to pay a $4.6 million bounty in exchange for the return of 90% of the stolen funds.
However, negotiations soured when the hacker demanded total control over KyberSwap and its assets, including temporary ownership of KyberDAO, the project's governance mechanism. The hacker set a deadline of Dec. 10, 2023, for KyberSwap to comply.
Response and Impact
In response to the hacker's demands, KyberSwap decided to launch treasury grants for victims of the hack, extending support to those who lost funds and have not yet recovered them. The incident also led to a significant impact on KyberSwap, resulting in a workforce reduction of half its staff a month after the exploit.
The recent movement of stolen funds from Arbitrum to Ethereum underscores the ongoing challenges faced by decentralized platforms in securing user assets and the importance of robust security measures in the crypto space.
#PeckShieldAlert #KyberSwap Exploiter-labeled address bridged ~800 $ETH (worth ~$2.5m) from #Arbitrum to #Ethereum pic.twitter.com/xTWO7lOLJY
— PeckShieldAlert (@PeckShieldAlert) February 26, 2024