Kyber Network has offered a bounty following the exploit of a bug that resulted in a loss of $265,000.
According to a report shared by the company, an unknown hacker used a frontend exploit to steal roughly $265,000 worth of user funds from KyberSwap. The decentralized exchange company has offered to pay 15% of the stolen funds as a bug bounty.
According to a blog post by the Kyber Network, the company will compensate all users for any funds stolen from their accounts. At the same time, the blockchain-based liquidity hub has offered the hacker an opportunity to return the funds in exchange for 15% of the stolen amount. Since the stolen funds were roughly $265,000, the bounty amount would be around $40,000.
To ensure its customers are aware of the situation, Kyber Network said that it could track down the people whose funds might have been stolen by the unknown TA, and it also tracked the users that have the addresses of the OpenSea profiles. The company has reportedly shut down its front end post the exploit, which occurred at 8:24 AM UTC on Sept 1, 2022.
According to the company’s report, it found “a malicious code” in its Google Tag Manager, which was silent targeting “whale wallets with large amounts,” giving the hacker access to quickly transfer the funds to different addresses. Kyber Network co-founder Loi Luu stated that this is the first attack they have received in the five years since its operation. The TA exploited several accounts on the platform and stole approximately $265K. Fortunately, the company could stop the attack after 2 hours of its detection.
In the blog, the company assured its users that the platform was now safe. This attack was an FE exploit, and there is no smart contract vulnerability. For now, it is safe to use KyberSwap with caution. When signing for approval, check the txn information. If the transaction is to give an allowance, please ensure the allowance is given to the correct contract address.”
AI fraud, deepfake probes, SME cyber warnings, and ransomware cases highlight rising global risks in this week’s Cyber Express roundup.
French national bank authority confirmed a major data breach affecting 1.2 million bank accounts after a malicious actor stole credentials…
The real success of AI will not only depend on how powerful the technology becomes, but on how safely, fairly,…
Israel data breach totals two petabytes, with phishing up 35% and cyber influence attacks rising 170%, says Yossi Karadi.
The UMMC cyberattack halted surgeries, closed clinics statewide and triggered a federal probe into potential patient data exposure.
ESET researchers discovered PromptSpy, the first known Android malware to integrate generative AI directly into its execution flow, marking a…
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More