KyberSwap

Crypto thieves steal $363M in Nov, the most ‘damaging’ month so far

The Poloniex and HTX/Heco Bridge exploits as well as the KyberSwap flash loan attack were the three largest incidents in November, according to blockchain security firm CertiK.

The cryptocurrency industry has now seen its most “damaging” month for crypto thievery, scams and exploits, with crypto criminals walking away with $363 million in November, according to a blockchain security firm.

Around $316.4 million came from exploits alone, flash loans inflicted $45.5 million in damage, and $1.1 million was lost to various exit scams, CertiK stated in a Nov.

#CertiKStatsAlert

Combining all the incidents in November we’ve confirmed ~$363M lost to exploits, hacks and scams

This makes November the most damaging month this year

Exit scams were ~$1.1M

Flash loans were ~$45.5M

Exploits were ~$316.4M

See more details below pic.twitter.com/QoDy6d8IJH

— CertiK Alert (@CertiKAlert) November 30, 2023

The largest exploits in November occurred on Poloniex and HTX/Heco Bridge, with losses of $131.4 million and $113.3 million, respectively.

The third largest exploit was inflicted on a single victim who lost $27 million from a phishing attack.

Meanwhile, the $45 million KyberSwap attack accounted for nearly all damage done for flash loan attacks in the month.

The latest monthly figure has surpassed an earlier record of $329 million, set in September, caused mainly by the $200 million Mixin Network attack.

As of the end of November, about $1.7 billion has now been lost to exploits, exit scams and flash loan attacks in 2023.

Crypto thieves steal $363M in Nov, the most ‘damaging’ month this year

The Poloniex and HTX/Heco Bridge exploits as well as the KyberSwap flash loan attack were the three largest incidents in November, according to blockchain security firm CertiK.

The cryptocurrency industry has now seen its most “damaging” month for crypto thievery, scams and exploits in 2023, with crypto criminals walking away with $363 million in November, according to a blockchain security firm.

Around $316.4 million came from exploits alone, flash loans inflicted $45.5 million in damage, and $1.1 million was lost to various exit scams, CertiK stated in a Nov.

#CertiKStatsAlert

Combining all the incidents in November we’ve confirmed ~$363M lost to exploits, hacks and scams

This makes November the most damaging month this year

Exit scams were ~$1.1M

Flash loans were ~$45.5M

Exploits were ~$316.4M

See more details below pic.twitter.com/QoDy6d8IJH

— CertiK Alert (@CertiKAlert) November 30, 2023

The largest exploits in November occurred on Poloniex and HTX/Heco Bridge, with losses of $131.4 million and $113.3 million, respectively.

The third largest exploit was inflicted on a single victim who lost $27 million from a phishing attack.

Meanwhile, the $45 million KyberSwap attack accounted for nearly all damage done for flash loan attacks in the month.

The latest monthly figure has surpassed an earlier record of $329 million, set in September, caused mainly by the $200 million Mixin Network attack.

As of the end of November, about $1.7 billion has now been lost to exploits, exit scams and flash loan attacks in 2023.

Binance identifies KyberSwap hack suspects, involves law enforcement

Based on an independent investigation, Binance’s security team identified two suspects that may be responsible for orchestrating the virtual heist of $265,000 on KyberSwap.

Helping investigate a $265,000 hack on decentralized crypto exchange KyberSwap, crypto exchange Binance narrowed down two suspects that seem responsible for the attack.

On Thursday, Kyber Network succumbed to a frontend exploit, allowing the attacker to make away with $265,000 worth of user funds from KyberSwap. While investigations were underway, KyberSwap offered a 10% bounty — of roughly $40,000 — to the hacker as means to remediate the situation.

Parallelly, based on an independent investigation, Binance’s security team identified two suspects that may be responsible for orchestrating the virtual heist. Binance CEO Changpeng “CZ” Zhao confirmed that the intel had been sent to the Kyber team.

#Binance security team has identified two suspects for yesterday’s KyberSwap hack. We have provided the intel to the Kyber team, and are coordinating with LE (law enforcement).

Stay #SAFU. https://t.co/tbQBGaGTNG

— CZ Binance (@cz_binance) September 3, 2022

Binance has also begun coordinating with law enforcement as efforts from both ends continue to corner the hackers.

Being the biggest crypto exchange in terms of trading volume, Binance’s proactive and selfless effort to help investors from other ecosystems didn’t go unnoticed, as one of the community members pointed out:

“Binance is now playing the role of a big brother in the crypto space. Binance has gone beyond securing its platform to securing the entire crypto ecosystem.”

If Binance’s investigation checks out, KyberSwap investors may be witness to a rare community-driven hack redemption.

CZ recently retaliated against rumors and false allegations that Binance was a Chinese-based “criminal entity” that “secretly [belongs] in the pocket of the Chinese government.”

While explaining his long-time ties to Chinese entrepreneurs and colleagues, he added:

“The greatest challenge that Binance faces today is that we (and every other offshore exchange) have been designated a criminal entity in China. At the same time, our opposition in the west bends over backward to paint us as a ‘Chinese company.’”

CZ confirmed that Binance has never been legally incorporated in China and never operated like a Chinese company culturally either.

Kyber Network offers bounty following $265K hack of decentralized exchange

“As a bug bounty, we are offering you 15% of the funds if you return it and have a conversation with our team,” said Kyber Network.

KyberSwap, the decentralized exchange built on liquidity protocol Kyber Network, has offered a hacker 15% of the funds from a $265,000 exploit as a bug bounty.

In a Thursday blog post, Kyber Network said a hacker had used a frontend exploit to pilfer roughly $265,000 worth of user funds from KyberSwap. The protocol said it will compensate all users for any missing funds related to the exploit, and directly addressed the hacker to give them an opportunity to return the funds in exchange for “a conversation with our team” and 15% of what was taken — roughly $40,000.

“We know the addresses you own have received funds from central exchanges and we can track you down from there,” said Kyber Network. “We also know the addresses you own have OpenSea profiles and we can track you through the NFT communities or directly through OpenSea. As the doors of exchanges close upon you, you will not be able to cash out without revealing yourself.”

1/ ❗️Notice of Exploit of KyberSwap Frontend:

We identified and neutralized an exploit on the KyberSwap frontend. Affected users will be compensated. We have summarized the details in this thread⬇️

— Kyber Network (@KyberNetwork) September 1, 2022

Kyber Network reported shutting down its frontend following the discovery of a “suspicious element” at 8:24 AM UTC on Sept. 1. The platform disabled its user interface and found “a malicious code” in its Google Tag Manager, which targeted “whale wallets with large amounts,” giving the hacker the ability to transfer funds to different addresses. According to Kyber Network co-founder Loi Luu, this was the first hack on the protocol in five years.

“The attack was identified and put a stop to after 2 hours of investigations,” said Kyber Network. “This attack was an FE exploit and there is no smart contract vulnerability.”

Hackers have used exploits to execute attacks on many decentralized finance protocols, including $100 million being removed from the Horizon Bridge in June and draining $200 million worth of crypto from the Nomad token bridge in August. Cointelegraph reported on Aug. 11 that the overwhelming majority of attackers responsible for the Nomad bridge hack copied the original exploit, directing funds to addresses they chose.