KyberSwap DEX exploited for $46 million, TVL tanks 68%

The DEX aggregator has been exploited across multiple blockchains with millions in wrapped Ether and other assets stolen.

Around $46 million in various crypto assets has seemingly been drained from the decentralized KyberSwap exchange in the latest decentralized finance exploit.

On Nov. 23, the Kyber Network team alerted its users stating in an X (Twitter) post that KyberSwap Elastic “has experienced a security incident.”

It advised users to withdraw their funds as a precaution and added it was investigating the situation.

Urgent

Dear KyberSwap Elastic Users,
We regret to inform you that KyberSwap Elastic has experienced a security incident.

As a precautionary measure, we strongly advise all users to promptly withdraw their funds. Our team is diligently investigating the situation, and we…

— Kyber Network (@KyberNetwork) November 22, 2023

Blockchain sleuths highlighted the impacted and exploiter wallet addresses, which were still recently active.

According to Debank data, around $46 million has been pilfered in the attack, including roughly $20 million in wrapped Ether (wETH), $7 million in wrapped Lido-staked Ether (wstETH), and $4 million in Arbitrum (ARB).

The funds were split across multiple chains, including Arbitrum, Optimism, Ethereum, Polygon, and Base.

Kyberswap is being drained, several sources report.

If you have assets, withdraw pic.twitter.com/Y5ooYYzcTd

— olimpio (@OlimpioCrypto) November 22, 2023

In an X post, blockchain sleuth “Spreek” said he was “fairly sure this is NOT an approval-related issue and is only related to the TVL held in the Kyber pools themselves.”

The attacker has also left an on-chain message for protocol developers and DAO members, saying “negotiations will start in a few hours when I am fully rested.”

Related: KyberSwap announces potential vulnerability, tells LPs to withdraw ASAP

DefiLlama data shows KyberSwap’s total value locked (TVL) tanked by 68% over a few hours and almost $78 million left the protocol due to the hack and user withdrawals. Its TVL currently stands at $27 million, down from its 2023 peak of $134 million.

Kyber Network Crystal KNC token prices briefly dipped 7% as news of the exploit broke but have since recovered to trade at $0.74.

The team identified a vulnerability in April, advising users to withdraw liquidity. However, no funds were lost in that incident.

Magazine: Should crypto projects ever negotiate with hackers? Probably