KyberSwap Retrieves $4.7 Million After Security Attack

Brian Yue
Last updated: | 1 min read
After the initial attack last week, KyberSwap said that it had lost a total of $47 million from its concentrating liquidity pools.
Source: Pixabay

The decentralized exchange protocol recovered the funds following a security attack last week.

After the initial attack last week, KyberSwap said that it had lost a total of $47 million from its concentrating liquidity pools.

Yesterday, a portion of the funds recovery was successfully achieved through negotiations with the operators of front-running bots. Approximately $5.7 million in cryptocurrency, extracted from KyberSwap pools on the Polygon and Avalanche networks during the hack, has been reclaimed, the exchange said on X.

Under the negotiated agreement, the operators of the bots committed to returning 90% of the embezzled funds to a designated KyberSwap address on the Polygon network. As an incentive, a 10% bounty was offered to the operators for their cooperation in the recovery process, meaning KyberSwap will recover $4.67 million in total.

According to KyberSwap’s update, the recovered funds include 361.92 axl-wstETH ($870.5k), 441.8 WETH ($919k), 261.5 wstETH (~$624k), 711,430.9 WMATIC (~$547.8k), 443,011.6 USDT (~$443k), 385,630.7 USDC (~$385.6k), and 65,130 USDT (~$65.1k).

The hacker specifically targeted KyberSwap’s Elastic pools, affecting funds across various blockchains such as Arbitrum, Optimism, Ethereum, Polygon, and Binance Smart Chain.

This negotiation stands apart from discussions with the primary event’s hacker, who had previously expressed a willingness to engage in talks. Although the team had proposed a white hat bounty, it appears that progress in those negotiations has not been achieved thus far.

The hacker exploited a vulnerability associated with the tick interval boundaries in KyberSwap’s concentrated liquidity pools. The hackers used the vulnerability to artificially double the liquidity and drain the pools of their assets.

After this initial recovery of funds, KyberSwap reassured its users that it would continue to do anything possible to retrieve the rest of the stolen money.

“Following this recovery of users’ funds from the frontrun bots, we will continue to support law enforcement and cybersecurity on track down and recovery of users’ funds from the perpetrator of the exploit attack,” KyberSwap said.