Hacker Demands Full Control after KyberSwap Breach
Date: 2023-12-02 Author: Dima Zakharov Categories: IN WORLD
Breach Details
The breach at KyberSwap saw an assailant seizing control and demanding access to both online and offline assets, including shares and tokens, highlighting the severity of the intrusion.
Elastic Pools Incident
On November 23, a liquidity pool breach at Elastic Pools led to the siphoning of approximately $47 million by the hacker. The intruder hinted at negotiation intentions shortly after executing the transaction.
Negotiation Attempts
Subsequently, KyberSwap's decentralized autonomous organization attempted negotiation by proposing a deadline of November 25 for the return of a significant portion of the funds in exchange for a reward.
Hacker's Demands
A week later, the hacker responded, presenting what they deemed the "sole and best" conditions. The demands included doubling employee salaries and offering a 12-month severance package with full benefits and assistance in finding new employment for those choosing to leave the project.
Proposed Terms
The hacker outlined a plan where liquidity providers could expect a 50% refund, acknowledging it as more than deserved but less than satisfactory. Top managers were offered a buyout at "fair value," emphasizing that their actions were not malicious but a result of an error in rounding.
Ultimatum and Contact
Setting a deadline of December 10, the hacker warned that failure to meet the conditions would render the agreement void. Contact details were left via Telegram for communication purposes.
Caution Against Fraudulent Claims
Earlier, KyberSwap's team cautioned against fraudulent compensations, emphasizing the seriousness of the ongoing situation.
Prior Incidents
In a separate incident in November, an unknown entity withdrew $25 million in cryptocurrencies from Taiwan-based trading platform Kronos Research.
