- Unexpected wallet movements suggest KyberSwap has suffered a $47 million exploit.
- The funds seem to have been drained from liquidity providers.
Decentralized exchange protocol KyberSwap appears to have suffered a $47 million exploit, according to on-chain data. The funds were from its Elastic Pools liquidity solution.
Funds have been unexpectedly moved from wallets associated with the protocol into a single wallet, as first pointed out by a user known as Spreek on X.
Kyber being exploited on all chains rn. here's an example tx on base. 20m+ lost already pic.twitter.com/gvv7M9HWH6
— Spreek (@spreekaway) November 22, 2023
The funds include $20.7 million Arbitrum, $15 million on Optimism, $7 million on Ethereum, $3 million on Polygon and $2 million on Base.
A large portion of the funds are denominated in various forms of ether, such as wrapped tokens and liquid staking tokens, as well as other tokens including arbitrum (ARB) and various stablecoins.
See Also: Over $85 Million Has Been Transferred From HECO Bridge to Suspicious Addresses In An Exploit
KyberSwap Elastic lets liquidity providers choose their preferred price ranges while seeing their yields automatically compound.
“I looked into the [transaction] and dont think it’s an approval issue with kyber aggregator, seems like hacker is just draining the kyber [liquidity provider] pools,” noted 0xngmi, a pseudonymous employee at crypto data site DefiLlama, on X. He added that the total value locked in the protocol is $72 million. This doesn’t appear to have been affected.
i looked into the tx and dont think its an approval issue with kyber aggregator, seems like hacker is just draining the kyber LP pools (TVL is 72M)
— 0xngmi (@0xngmi) November 22, 2023
The price of Kyber Network Crystal fell sharply on the news of the possible exploit.
“Looks like the Kyber exploits is flash loans and some sort of math/rounding issue. Each [transaction] is starting with an ETH balance coming in, looped mint/redeem/swap,” noted Adam Cochran, general partner at Cinneamhain Ventures, on X.
Looks like the Kyber exploits is flash loans and some sort of math/rounding issue.
Each tx is starting with an ETH balance coming in, looped mint/redeem/swap.
So likely not a risk to approvals from non-LPs but worth staying frosty
— Adam Cochran (adamscochran.eth) (@adamscochran) November 22, 2023
Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.