Decentralized exchange protocol KyberSwap announced that it had recovered $4.67 million in funds after a recent security attack that resulted in a staggering loss of nearly $50 million from its concentrated liquidity pools last week.
The hacking incident targeted KyberSwap’s Elastic pools, affecting funds across various blockchains, including Arbitrum, Optimism, Ethereum, Polygon, Binance Smart Chain, and Base. The attacker exploited a vulnerability linked to the tick interval boundaries in Kyber’s concentrated liquidity pools.
By manipulating these boundaries, the hacker managed to double the liquidity and subsequently drain the pools, resulting in the theft of over $46 million in digital assets.
Negotiations With Front-Running Bots Operators
In response to the attack, KyberSwap engaged in negotiations with the operators of front-running bots responsible for extracting approximately $5.7 million in crypto from the protocol’s pools on the Polygon and Avalanche networks during the hack.
The negotiations concluded on November 26, with the bot operators agreeing to return 90% of the funds to a specified KyberSwap address on the Polygon network, receiving a 10% bounty as their incentive.
According to the official update, the recovered funds include:
- 361.92 axl-wstETH ($870.5k)
- 441.8 WETH ($919k)
- 261.5 wstETH (~$624k)
- 711,430.9 WMATIC (~$547.8k)
- 443,011.6 USDT (~$443k)
- 385,630.7 USDC (~$385.6k)
- 65,130 USDT (~$65.1k)
#PeckShieldAlert Our community contributor has detected that one of the KyberSwap exploiters has refunded 361,876 $USDC.e on #AVAX https://t.co/EO82Pw606B pic.twitter.com/Lc5towMVCX
— PeckShieldAlert (@PeckShieldAlert) November 27, 2023
Negotiations With Hacker in Limbo
It’s worth noting that this negotiation with the front-running bot operators is separate from the ongoing discussions with the main hacker.
Although KyberSwap has expressed a willingness to negotiate with the hacker, who had indicated a similar inclination, progress in these talks appears to be limited at this point. The team had also announced a white hat bounty.
After the recovery of a portion of stolen funds from front-running bots, KyberSwap assured the community of aiding law enforcement and cybersecurity efforts in pursuing and recuperating user funds from the hacker.
“Following this recovery of users’ funds from the frontrun bots, we will continue to support law enforcement and cybersecurity on track down and recovery of users’ funds from the perpetrator of the exploit attack.”
Read the full article here
