KyberSwap, a decentralized crypto exchange aggregator and liquidity platform developed by Kyber Network was hacked. Today the team announced that they identified and fixed the issue leading to a frontend attack. The protocol added that affected users will be compensated.
Related: FBI Warns Against DeFi Crimes
The team tweeted that they detected an unusual element on the interface. So, they shut down the frontend to carry out investigations and found a malicious code in the Google Tag Manager and disabled it.
1/ ❗️Notice of Exploit of KyberSwap Frontend:
— Kyber Network (@KyberNetwork) September 1, 2022
We identified and neutralized an exploit on the KyberSwap frontend. Affected users will be compensated. We have summarized the details in this thread⬇️
Kyber Network managed to compile a complete list of confirmed and suspected attacker addresses used during the period. Accounts interacted with centralized exchanges and NFT marketplace OpenSea.
Hackers stole $265,000 of user funds with 2 affected addresses, which shows that they were targeting whale wallets. The team announced they had effectively solved the issue and now it's safe to use all KyberSwap functions including swap aggregator, adding liquidity, and farming. However, they advised users to continue exercising caution.