An address linked to the KyberSwap hacker has moved 1600 ETH, valued at approximately $3.72 million, to the privacy mixer Tornado Cash. Blockchain analytics firm Arkham Intelligence first flagged the transaction. This transfer marks a significant development in the aftermath of the $48.8 million exploit that shook the decentralized finance (DeFi) ecosystem in November 2023.
KyberSwap Hacker Moves $3.7M in ETH: The Transaction Details
On March 15, 2025, Arkham reported that the wallet address, believed to be controlled by Andean Medjedovic, executed the transfer. The 1600 ETH moved in a single batch. Tornado Cash is a popular tool for obfuscating transaction trails. This action suggests the hacker is actively trying to launder the stolen funds.
The transaction originated from a wallet that had remained dormant for months. After the initial exploit, the hacker moved funds across several addresses. This new activity signals a fresh phase in the case. Law enforcement agencies, including the FBI, have previously tracked similar Tornado Cash deposits.
Background of the $48.8 Million KyberSwap Exploit
The KyberSwap hacker exploited a critical vulnerability in the platform’s Elastic pools. The attack occurred on November 22, 2023. It drained approximately $48.8 million in various cryptocurrencies. The hacker used a sophisticated technique involving a “fake token” to manipulate price calculations.
Following the exploit, the hacker returned roughly $4.7 million to the protocol. However, they retained the majority of the stolen assets. The KyberSwap team offered a 10% bounty for the return of the remaining funds. The hacker refused and instead demanded control of the company.
- Exploit Date: November 22, 2023
- Total Stolen: $48.8 million
- Returned: $4.7 million
- Suspect: Andean Medjedovic
Why Tornado Cash Matters in This Case
Tornado Cash is a decentralized, non-custodial privacy protocol. It breaks the on-chain link between a sender and a receiver. Hackers frequently use it to launder stolen cryptocurrency. The U.S. Treasury sanctioned Tornado Cash in August 2022. This sanction made it illegal for U.S. persons to interact with the protocol.
The KyberSwap hacker using Tornado Cash creates legal complications. It signals an intent to obscure the origin of the funds. This move makes recovery efforts by law enforcement significantly harder. The transaction also raises questions about the effectiveness of current sanctions.
Expert Analysis on the KyberSwap Hacker’s Strategy
Blockchain security experts at Arkham and Chainalysis have analyzed the transaction patterns. They note that the hacker has used multiple intermediary wallets. This layered approach is a common money laundering technique. The use of Tornado Cash adds a final layer of privacy.
“This is a classic ‘smurfing’ technique,” explains a senior analyst at a leading crypto intelligence firm. “The hacker breaks large amounts into smaller chunks. Then they route them through mixers. This makes tracing the final destination extremely difficult.” The analyst requested anonymity due to the ongoing investigation.
Timeline of the KyberSwap Hacker’s Fund Movements
Tracking the KyberSwap hacker fund movements reveals a careful strategy:
| Date | Action | Amount |
|---|---|---|
| Nov 22, 2023 | Initial exploit | $48.8 million |
| Nov 23, 2023 | Return of partial funds | $4.7 million |
| Nov 24, 2023 | Funds moved to multiple wallets | Varied |
| Mar 15, 2025 | Transfer to Tornado Cash | 1600 ETH ($3.72M) |
Impact on the DeFi Security Landscape
The KyberSwap incident highlights persistent security flaws in DeFi protocols. Smart contract audits are not foolproof. Hackers continue to find novel vulnerabilities. The KyberSwap hacker case is a stark reminder for developers.
DeFi platforms must implement better monitoring systems. They should also have clear recovery plans. The community now faces a critical question: How can we prevent such large-scale exploits in the future? The answer lies in more rigorous testing and real-time threat detection.
Lessons for Crypto Investors
Investors should remain cautious. No platform is completely secure. Diversifying assets across multiple protocols can reduce risk. Following the KyberSwap hacker story also shows the importance of using reputable platforms with strong security track records.
Conclusion
The KyberSwap hacker moving $3.7 million in ETH to Tornado Cash marks a dangerous escalation. It shows the hacker’s determination to launder the stolen funds. This event reinforces the need for stronger DeFi security and better regulatory frameworks. The crypto community must stay vigilant against such sophisticated attacks.
FAQs
Q1: Who is the KyberSwap hacker?
The suspect is Andean Medjedovic, a 21-year-old Canadian national. He is accused of exploiting the KyberSwap protocol for $48.8 million.
Q2: What is Tornado Cash?
Tornado Cash is a decentralized privacy mixer that obscures the transaction trail on the Ethereum blockchain. It has been sanctioned by the U.S. Treasury.
Q3: How much ETH did the hacker move?
The hacker moved 1600 ETH, worth approximately $3.72 million at the time of the transaction.
Q4: Can the stolen funds be recovered?
Recovery is extremely difficult once funds enter Tornado Cash. Law enforcement agencies have had limited success in such cases.
Q5: What was the KyberSwap exploit?
The exploit was a sophisticated attack on KyberSwap’s Elastic pools. It drained $48.8 million through a price manipulation vulnerability.
Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.