With $265,000 in funds siphoned off, decentralized exchange (DEX) KyberSwap joins the list of DeFi projects to experience a front-end attack following the Curve Finance exploit from last month.
Kyber Network, the liquidity protocol on which KyberSwap is based, said the assault on its website was immediately discovered and resolved within a few hours.
On Sept. 1, Kyber Network identified a suspicious element on its front end. After shutting the front end down to investigate, the network said it found malicious code in its Google Tag Manager (GTM) script that inserted a false approval, allowing a hacker to transfer a user’s funds to his address.
Websites frequently employ GTM scripts to monitor user behavior and collect data for analytical usage.
According to Kyber, once GTM was disabled and the malicious script removed, further investigation found no additional suspicious behavior.
The script was subtly inserted, and it was expressly designed to target whale wallets with enormous sums, the exchange said.
After restoring the UI, Kyber said it took the necessary steps to find all of the attackers' addresses, assess the damage, and determine which addresses were impacted.
“We have identified US$265k worth of user funds that have been lost. These numbers will be updated if any new information arises,” Kyber Network stated.
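The false approval described above is an ERC-20 `approve(address,uint256)` call whose spender is not a contract the exchange actually uses. The following added example (not Kyber's code) decodes such calldata and checks the spender against an allowlist; the allowlist, addresses and function names are assumptions made for illustration.

```javascript
// Added example; all names and addresses are constructed for illustration.
const APPROVE_SELECTOR = "095ea7b3"; // first 4 bytes of keccak256("approve(address,uint256)")
const MAX_UINT256 = (1n << 256n) - 1n;

// Hypothetical allowlist of spender contracts the front end is expected to use.
const KNOWN_SPENDERS = new Set([
  "0x1111111111111111111111111111111111111111", // constructed "router" address
]);

// Decode ERC-20 approve calldata; returns null for any other call.
function decodeApprove(data) {
  const hex = data.toLowerCase().replace(/^0x/, "");
  if (!hex.startsWith(APPROVE_SELECTOR)) return null;
  // Expect the selector (8 hex chars) plus two 32-byte ABI words (64 hex chars each).
  if (hex.length !== 8 + 128 || !/^[0-9a-f]+$/.test(hex)) {
    throw new Error("malformed approve calldata");
  }
  const spenderWord = hex.slice(8, 72);
  // An address occupies the low 20 bytes; treat non-zero padding as suspicious.
  if (!/^0{24}/.test(spenderWord)) throw new Error("address word has dirty high bytes");
  return {
    spender: "0x" + spenderWord.slice(24),
    amount: BigInt("0x" + hex.slice(72, 136)),
  };
}

// Review a transaction request before it is signed: block approvals to unknown spenders.
function reviewTx(tx, allowlist = KNOWN_SPENDERS) {
  let call;
  try {
    call = decodeApprove(tx.data || "0x");
  } catch (e) {
    return { allow: false, reason: e.message };
  }
  if (call === null) return { allow: true, reason: "not an approve call" };
  if (!allowlist.has(call.spender)) {
    return { allow: false, reason: `approval to unknown spender ${call.spender}` };
  }
  const unlimited = call.amount === MAX_UINT256;
  return { allow: true, reason: unlimited ? "known spender, unlimited allowance" : "known spender" };
}

// Constructed sample: unlimited approval to an address that is not on the allowlist.
const sample = "0x095ea7b3" + "0".repeat(24) + "2".repeat(40) + "f".repeat(64);
console.log(reviewTx({ data: sample }));
```

A check like this belongs in the wallet, an extension, or a transaction-monitoring job rather than in the page itself, since a script loaded through a third-party tag runs in the same context as the site's own code.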
AMUSDC Tokens Were Stolen
Aave Matic interest-bearing USDC (AMUSDC) tokens worth $265,000 were moved by the hackers in four transactions.
Loi Luu, co-founder of Kyber Network, tweeted, “This is the first time a hack happened to us after 5 years, unfortunately, but our team handled this incident exceptionally well. Within a few hours, since the hack is detected, we identified the malicious code (loaded on-the-fly via a reputable 3rd party js lib), and removed it.”
Aave is present on the Polygon blockchain in addition to Ethereum and a few other ones.
The token in question stands for a USDC stablecoin that has been deposited on Aave's Polygon integration.
Each time a token such as this is deposited on the lending platform, users receive the interest-bearing version as a representation of their deposit.
Kyber Network Offers Bounty To Hackers
In exchange for returning the funds that were stolen, Kyber Network said it will pay the hackers a 15% reward totaling $40,000.
The firm asked that the remaining cash be sent to a wallet address it has provided.
No money has been repaid as of now.
Crypto Industry Plagued By Hacks
The crypto industry has been plagued with consistent attacks by bad actors.
This year witnessed two of the biggest hacks in history, the first on an Ethereum-to-Solana bridge network in January and the second on Axie Infinity's Ronin crypto bridge in March.
Users at the time lost $878 million as a result of these two attacks alone.