Home » Kyber Network Whales loses $265k in a cyber attack

Kyber Network Whales loses $265k in a cyber attack

2nd Sep 22 1:12 pm

Multichain DeFi platform Kyber Network lost approximately $265,000 due to a platform vulnerability to its website code, CoinDesk wrote, citing a statement from Kyber published on the latter’s blog.

The attack appears to have impacted two “whale” addresses, but Kyber plans to reimburse the losses.

The platform tweeted, “Users will be compensated. It appears the attacker was targeting whale wallets.”

Read more on Cryptocurrencies and investments:

Ethereum’s use in illegal activities rises sharply to stand at 0.33% overtaking BTC

The volume of Ethereum related tweets is down 65% since the beginning of 2022

Kyle Roche withdraws from crypto class action suits after alleged ‘gangster style’ attacks on firms following ‘leaked videos’

Ruja Ignatova is on the FBI’s Most Wanted list for laundering $105 million of the global OneCoin scam

Kyber soon discovered the weakness in its code, which made the exploit possible. It allows attackers to insert false approval, thereby letting them transfer users’ funds to their address on September 1. The threat was neutralized within two hours.

KyberSwap hit the hardest

The attack hit the DEX KyberSwap, which enables users to exchange currencies on different blockchains. No damage was done to KyberSwap’s blockchain contracts. The issue stemmed from malicious Google Tag Manager (GTM) code in the KyberSwap website.

Upon further investigation, Kyber found they could eliminate the bad script by disabling GTM, and there was no more suspicious activity thereafter.

The attackers had injected the script discreetly. Kyber proceeded to restore the user interface and took subsequent measures to identify all of the attackers and victims’ addresses as well as the scope of damage inflicted.

Kyber added in another tweet, “We strongly urge all DeFi projects to conduct a thorough check on your frontend code and associated Google Tag Manager (GTM) scripts as the attacker may have targeted multiple sites.”

While this attack was not significant compared to other recent ones impacting DeFi projects, some of which caused losses of hundreds of millions of dollars, it does draw attention to the myriad of vulnerabilities putting DeFi users at risk.

Leave a Comment

You may also like