Decentralized exchange (DEX) KyberSwap was attacked by hackers in its liquidation group in the early morning of November 23 and took about 47 million USD. Initial suspicions were that it was a Flash Loan Attack (flashloan hack ).
According to information, this protocol's Elastic liquidation pools were siphoned off by hackers with an estimated value of 47 million USD, on many blockchains supported by KyberSwap to open liquidation, including Ethereum, Arbitrum, Optimism, Base, Polygon ,…
Notably, the bulk of the funds taken were in the form of ETH liquidation lock and Liquid Staking Token , as pointed out by Hsaka's account.
However, the hacker seems to have forgotten about the pool on Scroll as there is still 5 million USD in assets left untouched.
Initial analysis shows that only KyberSwap's liquidation pools were attacked via flashloan , so users did not need to revoke access previously granted to Kyber.
Kyber Network has confirmed the incident and requested users to withdraw all funds to prevent other potential vulnerabilities.
According to data from defillama, Kyber's DeFi products, or TVL of 86 million USD, has decreased to 27 million USD at the time of writing, when users massively withdrew money.
The community also pointed out the hacker's "audacity" when both making withdrawal transactions and leaving instructions describing his actions.
Not stopping there, he also sent a message to the Kyber team, declaring that he was willing to negotiate to return the money, but had to wait "until he has fully rested".
Kyber Network's KNC Token price is fluctuating wildly after information that KyberSwap was hacked.
In September last year, KyberSwap was also attacked by hackers by exploiting Front-End interface loopholes and stealing 265,000 USD worth of cryptocurrency.