The Kyber Network protocol developers addressed the attack vector on the KyberSwap DEX and compensated losses amounting to 265 000 USDC.
1/ Interim Update: Hack Is Removed, KyberSwap is Secure, & Next Steps
On the 2 Sept, we shared the discovery of our front-end exploit on KyberSwaphttps://t.co/6XIXPhyfscToday, we can provide some interim, official & positive updates ⬇️
— Kyber Network (@KyberNetwork) September 6, 2022
“The attack was neutralised in the second half of 1 September 2022 at 16:34 (GMT+7). The attack vector was successfully identified and neutralised on 4 September 2022,” the team said.
According to the report, the incident affected two addresses. One of them was fully compensated.
5/ There were only 2 impacted wallets that now are made whole.
✅1 has been fully compensated of all funds
✅The other wallet successfully revoked his approval before losing any funds
✅No other wallets are impacted or lost funds as a result of this exploit.— Kyber Network (@KyberNetwork) September 6, 2022
“The second wallet granted approval to the malicious script and successfully revoked it before losing any funds,” the Kyber Network clarified.
Earlier on September 1 hackers breached the KyberSwap frontend interface. Developers detected malicious code in the tool Google Tag Manager.
The exploit injected a fraudulent transaction approval, enabling attackers to transfer users’ funds to their own addresses.
Earlier, the FBI issued a warning about the most common vulnerabilities exploited by cybercriminals to attack DeFi platforms.
Follow ForkLog’s bitcoin news on our Telegram — cryptocurrency news, prices and analysis.