"Despite" the legal threat from the project, hacker KyberSwap also made a series of new demands and even demanded control of the entire company.
KyberSwap hackers "wildly" demanded control of the company
On the evening of November 30, 2023, the cryptocurrency community was once again "stirred" with new information related to the hacker "drama" KyberSwap and the project management team because of "wild" negotiation proposals. crazy"!
The detailed story of the incident is as follows: When completing the attack via flash loan , causing a loss of 47 million USD to the DEX KyberSwap on November 23, 2023, the executive team "promised" 10% bug bounty reward if hacker refunds money .
But when the refund deadline passed, Kyber was forced to use strong measures when contacting law enforcement and cybersecurity agencies to report the incident to prepare to trace the attacker.
By the evening of November 29, 2023, the hacker had sent a response message to Kyber Network, but had not officially made a decision on the case. It is expected to make the desired proposal on November 30 (local time). UTC).
As promised, on the evening of November 30, 2023, the hacker officially submitted his negotiation proposal, but the content contained many "unexpected" demands, the most notable of which was demanding control Control the entire Kyber Network.
Content of the message requesting negotiation from hacker KyberSwap sent to the project management board on the evening of November 30, 2023
Specifically, the KyberSwap hacker's requirements are as follows:
- Complete operational control over Kyber Network.
- Temporary permissions to KyberDAO to make governance changes.
- All documents and information related to the formation, structure, operations, revenue, profits, expenses, assets, liabilities, investors, salaries, etc. of the company/transaction awake.
- Surrender all Kyber on-chain and off-chain assets, including: stocks, Capital , Token (KNC and non- KNC), partnerships, blogs, websites, servers, passwords , code, social channel accounts, and any other creative intellectual property of Kyber.
If Kyber Network meets the above requirements, in return, the hacker will give the following "incentives":
- The company will be acquired at a reasonable valuation.
- All employees will receive double their current salary. Employees who do not want to stay will be paid 12 months of severance pay with full benefits and support to find a new job.
- Under hacker management, Kyber will undergo a complete makeover. It will no longer be the 7th most popular DEX but instead a completely new crypto project.
- LP (LPs) will receive a 50% rebate for their recent market making activities.
The deadline of the "Kyber treaty" that hackers set for the project team to meet is before December 10, 2023. After the deadline, the agreement will be canceled, all the money from the attack will obviously "lay dormant" in the hacker's pocket, meaning the Kyber Network team will not receive any money!
Immediately after the "ultimatum" from the hacker, Kyber Network CEO Victor Tran also "fired back" with the statement that "no one cares about Kyber users as much as the current team". At the same time, he made an appointment that tomorrow (December 1, 2023) there will be a response to the hacker's message.
No one fucking cares about Kyber users like we do. You deserve the best. Message tomorrow @KyberNetwork .
— Victor Tran (@vutran54) November 30, 2023
It can be seen that this is XEM one of the most complex hacks and the most sophisticated tricks in history. At the time of the hack, the attacker had "spread" hope by leaving a message ready to negotiate after enough rest. But up to now, the more "agreement" is, the more disappointed the hacker side is. has not made any move to cooperate with the project because he said he "did not like the threatening tone of demanding money from the executive team".
DeFi insurance unit Sherlock also Chia sympathy with Kyber Network and highlighted the harshness and difficulty of finding the above vulnerability.
However, also in his announcement, Sherlock said Kyber did not register for an insurance program, thus resulting in not receiving compensation after this incident. This unit also corrected that any compensation is very small compared to the current figure of 54.7 million USD in damages.
Sherlock is extremely disappointed to see the @KyberNetwork exploit and is fully engaged in assisting Kyber.
— SHERLOCK (@sherlockdefi) November 25, 2023
The hack is one of the most complex exploits ever seen in DeFi but this does not absolve Sherlock from responsibility.[1]
For background, the Kyber team stands out as a… pic.twitter.com/dBnRECMs3T
KNC price is currently trading around 0.72 USD, overall not too volatile with the latest news related to the hacking "drama".
KNC/ USDT chart taken at 08:450 PM on November 30, 2023 on Binance
Coin68 compiled
Join the discussion about the hottest issues of the DeFi market in the Fomo Sapiens chat group with Coin68 admins!!!
