An Unexpected Heist

In a plot twist worthy of a heist movie, KyberSwap, the decentralized exchange on the Kyber Network, found itself in a sticky situation when a clever hacker pilfered about $265,000 in user funds due to a frontend exploit. But wait, instead of going for blood, Kyber Network decided to play Mr. Nice Guy and offer the hacker 15% of the stolen funds as a bug bounty! That’s approximately $40,000 for a friendly chat instead of a police chase. Mmm, what’s your take on this transaction?

Tracking Down the Troublemaker

In their whirlwind blog post, Kyber Network laid out their plans to track the thief. They sweetened the deal with a not-so-gentle reminder: “We know the addresses you own have received funds from central exchanges and we can track you down from there.” Not exactly a comforting thought for the hacker hiding behind their screen!

• Kyber explained that they could pinpoint the hacker through their OpenSea profiles.
• Plus, with eyes everywhere, from NFT communities to trading platforms, cashing out could become tricky.

The Process of the Attack

So, how exactly did this digital drama unfold? The exploit was discovered on September 1, 2022, at 8:24 AM UTC. Kyber Network acted quickly, shutting down their frontend after noticing suspicious activity. It turned out a malicious code infiltrated their Google Tag Manager, focusing on those hefty wallets we often refer to as