Kyber said that the team was able to “neutralize” the threat within two hours.
Decentralized exchange (DEX) Kyber Network has revealed that the attack vector responsible for last week’s exploit was successfully identified and removed.
In the latest blog post, the platform notified the community that the KyberSwap website and UI were safe and that the attack was neutralized on the same afternoon of being picked up.
Kyber’s Update on Exploit
According to an interim update provided by the DeFi platform, the attack impacted two wallets. One of them was fully compensated for all funds. It added,
“The other wallet provided approvals to the malicious script, and successfully revoked his approval before losing any funds. There are no other wallets that are impacted or lost funds as a result of this exploit.”
Kyber is currently engaged with industry partners, top security experts, and law enforcement to identify the hackers and retrieve the stolen funds. It also affirmed that further details on the hack and root causes will be provided later this month.
Front-end Attack on Kyber
On September 1, Kyber Network, the liquidity protocol on which KyberSwap is built, suffered a front-end attack. The team discovered a vulnerability to its website code that helped perpetrators to compromise the app’s front end through the Google Tag Manager (GTM) script.
Per the company’s announcement, by injecting malicious script via GTM, the attackers were able to make users approve their funds and send them to the hackers’ address, and steal $265,000 in the process.
The KyberSwap team then disclosed that the attackers discreetly launched the bad script that targeted whale wallets on Ethereum and Polygon. It also noted that affected users would be fully compensated and attempted to open dialogue with the attackers by offering 15% of the funds from a $265,000 exploit as a bug bounty.
Less than 48 hours later, cryptocurrency exchange Binance identified two suspects and shared the intel with KyberSwap as well as concerned law enforcement agencies.
DeFi exploits have been rampant, and criminals are constantly ramping up efforts to exploit potential vulnerabilities. According to Chainalysis’ study, hackers have stolen nearly $1.4 billion worth of digital assets since January 2022, an almost eightfold increase from last year’s equivalent period.
While detailing the various DeFi hacks and exploits, the Federal Bureau of Investigation (FBI) recently issued a statement warning investors to tread carefully.