Kyber, a platform for multi-chain decentralised finance (DeFi), recently discovered a vulnerability in the code of its website, which enabled malicious users to make off with approximately $265,000 in cryptocurrency.
According to Kyber, the attack appeared to affect two “whale” addresses, and the company intends to compensate them for any losses incurred. Kyber stated that it discovered the exploit on September 1 and “neutralised” the threat within two hours of its discovery. The exploit let attackers insert a “false approval,” which allowed a hacker to transfer a user’s funds to the hacker’s own address.
1/ ❗️Notice of Exploit of KyberSwap Frontend:
We identified and neutralized an exploit on the KyberSwap frontend. Affected users will be compensated. We have summarized the details in this thread⬇️
— Kyber Network (@KyberNetwork) September 1, 2022
The exploit affected KyberSwap, a decentralised exchange that lets users trade between currencies held on separate blockchains. KyberSwap’s on-chain smart contracts were not affected. According to a statement released by Kyber, the issue was caused by malicious code inserted into the KyberSwap website through Google Tag Manager.
In a tweet, Kyber said, “We strongly urge all #DeFi projects to conduct a thorough check on your frontend code and associated Google Tag Manager (GTM) scripts,” because the attacker may have targeted multiple sites.
Compared with other recent attacks on decentralised finance projects, which have seen numerous thefts of users’ funds totaling multiple millions of dollars, the attack on Kyber was relatively minor. Nevertheless, it demonstrates once more the many ways in which users of DeFi networks are exposed to attack.
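The “false approval” described above is assumed here to be an ERC-20 `approve(address,uint256)` request naming an unexpected spender. The following added example (not Kyber's code) shows a pre-signing check that decodes such a request and blocks spenders outside an allowlist; the allowlisted address, the function names and the sample calldata are constructed placeholders.

```javascript
// Added example: pre-signing guard against unexpected ERC-20 approvals.
const APPROVE_SELECTOR = "095ea7b3"; // selector of approve(address,uint256)
const MAX_UINT256 = (1n << 256n) - 1n;

// Constructed placeholder, NOT a real KyberSwap contract address.
const ROUTER = "0x" + "11".repeat(20);
const ALLOWED_SPENDERS = new Set([ROUTER]);

// Build approve() calldata; used only to construct sample inputs.
function encodeApprove(spender, amount) {
  const addr = spender.toLowerCase().replace(/^0x/, "").padStart(64, "0");
  return "0x" + APPROVE_SELECTOR + addr + amount.toString(16).padStart(64, "0");
}

// Return {spender, amount} for approve() calldata, or null for anything else.
function decodeApprove(data) {
  const hex = String(data).toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]{136,}$/.test(hex) || !hex.startsWith(APPROVE_SELECTOR)) return null;
  return {
    spender: "0x" + hex.slice(32, 72), // low 20 bytes of the first argument word
    amount: BigInt("0x" + hex.slice(72, 136)),
  };
}

// Classify a transaction request before it is shown to the user for signing.
function checkTransaction(tx, allowed = ALLOWED_SPENDERS) {
  const call = decodeApprove(tx.data || "");
  if (call === null) return { verdict: "not-approve" };
  const info = { spender: call.spender, unlimited: call.amount === MAX_UINT256 };
  // A zero allowance is a revocation and is harmless for any spender.
  if (call.amount === 0n) return { verdict: "allow", ...info };
  // Any non-zero allowance to a spender the site does not expect is blocked.
  if (!allowed.has(call.spender)) return { verdict: "block", ...info };
  return { verdict: "allow", ...info };
}
```

The same check can sit in a wallet, a provider wrapper or a monitoring job that inspects transaction requests generated by the frontend.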