Decentralised exchange and aggregator KyberSwap, operating across 15 blockchains, recently fell victim to a security exploit, leading to a staggering $48 million loss. The exchange has issued a cautionary statement, urging all users to swiftly withdraw their funds.
Stani Kulechov, the founder of the lending protocol, echoed the advisory, emphasising the need for users to revoke allowances linked with Kyber.
Established in 2018, Kyber held a total value locked (TVL) of $86.8 million prior to the security breach.
The hacker, directing funds to a specified wallet, accumulated $48 million by Wednesday evening, as reported by Spreek, a notable figure in the DeFi space. Notably, $20 million was siphoned from Kyber’s Arbitrum deployment, $15 million from Optimism, and over $7 million from Ethereum.
Spreek and 0xngmi, the pseudonymous founder of DeFi Llama, highlighted that the attack specifically targets liquidity providers (LPs). KyberSwap has initiated a thorough investigation into the incident.
In response to the breach, KyberSwap advises users to promptly withdraw their funds, emphasising the importance of securing their assets. Stani Kulechov urges users to take action by revoking allowances tied to Kyber, underlining the gravity of the situation.
As the identified wallet amasses stolen funds, the DeFi community remains on high alert.
The attack’s focus on liquidity providers has raised concerns about the broader vulnerability of decentralised exchanges. KyberSwap reassures users that it is diligently investigating the situation to understand the extent of the breach and implement necessary security measures.
The $48 million security breach has cast a shadow over KyberSwap’s previously robust standing. With the hacker targeting various deployments, including Arbitrum, Optimism, and Ethereum, the incident raises questions about the overall security landscape of decentralised finance (DeFi) platforms.