In the recent decentralized finance exploit, an estimated depletion of approximately $46 million of diverse crypto assets from the decentralized KyberSwap exchange.
The Kyber Network team notified its users on Nov. 23 via an X (Twitter) post, stating that KyberSwap Elastic “has experienced a security incident.”
However, users were advised to withdraw their funds as a precaution, and the incident was being investigated.
Blockchain investigators drew attention to the exploiter wallet addresses that had been active recently.
The attack has reportedly stolen around $46 million, of which roughly $20 million in wrapped Ether (wETH), $7 million in wrapped Lido-staked Ether (wstETH), and $4 million in Arbitrum (ARB), according to data from Debank.
Multiple chains, including Arbitrum, Optimism, Ethereum, Polygon, and Base, were utilized to distribute the funds.
Kyberswap is being drained, several sources report.
If you have assets, withdraw pic.twitter.com/Y5ooYYzcTd
— olimpio (@OlimpioCrypto) November 22, 2023
In an X post, blockchain investigator “Spreek” stated that he was “fairly sure this is NOT an approval-related issue and is only related to the TVL held in the Kyber pools themselves.”
Additionally, the attacker informed protocol developers and DAO members via an on-chain message, “Negotiations will start in a few hours when I am fully rested.”
According to data from DefiLlama, the total value locked (TVL) of KyberSwap plummeted 68% in a matter of hours, and user withdrawals and the breach caused nearly $78 million to leave the protocol.
Currently, its TVL stands at $27 million, a decrease from its 2023 peak of $134 million.
Kyber Network Crystal KNC token prices briefly dipped 7% as news of the exploit broke but have since recovered to trade at $0.74.
In April, the team discovered a vulnerability and recommended that users withdraw liquidity.
Nonetheless, no monetary losses occurred as a result of that incident.