KyberSwap, a decentralised exchange built on the liquidity protocol Kyber Network, has offered a hacker 15% of the funds from a $265,000 exploit as a bug bounty.
In a blog post on Thursday, Kyber Network said that a hacker had used a front-end exploit to steal about $265,000 from KyberSwap users. The protocol said it would compensate users for any funds that were lost because of the exploit. It also directly contacted the hacker to offer them an opportunity to return the funds in exchange for “a conversation with our team” and 15% of what was taken, or about $40,000.
“We can find you because we know the addresses you own have received money from central exchanges,” Kyber Network said. “We also know that the addresses you own have OpenSea profiles, and we can track you through the NFT communities or directly through OpenSea. As the exchanges close, you won’t be able to cash out without showing who you are.”
At 8:24 AM UTC on September 1, Kyber Network said that its frontend was shut down after a “suspicious element” was found. The platform turned off its user interface and found “malicious code” in its Google Tag Manager that targeted “wallets with large amounts” and let the hacker move money to different addresses. Loi Luu, one of the founders of Kyber Network, said that this was the first hack on the protocol in five years.
1/ ❗️Notice of Exploit of KyberSwap Frontend:
We identified and neutralized an exploit on the KyberSwap frontend. Affected users will be compensated. We have summarized the details in this thread⬇️
— Kyber Network (@KyberNetwork) September 1, 2022
“After 2 hours of looking into it, the attack was found and stopped,” Kyber Network said. “This attack was a FE exploit and there is no smart contract vulnerability.”
Many decentralised finance protocols have been attacked by hackers using exploits. In June, $100 million was taken from the Horizon Bridge, and in August, $200 million worth of crypto was taken from the Nomad token bridge. Cointelegraph reported on August 11 that almost all of the hackers who broke into the Nomad bridge copied the original exploit to send money to their own addresses.