Recent reports indicate that Kyber Network has fallen victim to an exploitation incident, resulting in losses exceeding $47 million. The attack has been officially acknowledged by Kyber Network, attributing the vulnerability to KyberSwap Elastic. In response, the network has strongly recommended all users swiftly withdraw their funds. KyberSwap Elastic, an upgraded version of the existing protocol KyberDMM (now referred to as KyberSwap Classic), incorporates the robust features of its predecessor while introducing the concept of concentrated liquidity.
The exploit is reported to have impacted all 15 chains associated with Kyber Network’s flagship product, KyberSwap. This crosschain decentralized exchange (DEX) and aggregator empower users to engage in intelligent trading practices, optimizing their potential earnings.
Industry analysts suggest that the Kyber exploits involve flash loans coupled with a rounding issue. In each transaction, there is an initial ETH balance, followed by a loop of minting, redeeming, and swapping. On-chain investigators indicate that the problem lies in an approval issue within the Kyber aggregator. The hacker seems to be targeting the draining of Kyber liquidity pool (LP) funds. This implies that individuals engaged in trading or swapping may not face any risk, as the malicious actor appears focused on staked amounts within the liquidity pools. Traders are reassured that they are not vulnerable to this particular exploit. However, a cautionary note is issued to Kyber liquidity providers (LPs), advising them to promptly withdraw their stakes.
The Hacker Returns With A Message to Kyber Network
In a noteworthy development, the individual responsible for the breach has made a comeback, conveying a message that negotiations will commence in a few hours, once they are fully rested.
Following the security breach, Kyber Network has recommended users to withdraw their funds as a precautionary measure and stressed the importance of avoiding phishing links. The KyberSwap aggregator, operating independently within the network, continues to function. Kyber Network is dedicated to issuing frequent updates as their team delves into the investigation of the incident. Ongoing recovery initiatives concentrate on comprehending the exploit’s mechanisms and implementing strengthened security measures to mitigate the risk of future incidents.