- KyberSwap exploit led to hackers draining approximately $265,000 on September 1
- Binance had shared the intel with KyberSwap and law enforcement agencies
Leading cryptocurrency exchange Binance has identified two suspects linked to the $265,000 frontend attack on decentralized exchange (DEX) protocol KyberSwap.
“#Binance security team has identified two suspects for yesterday’s KyberSwap hack. We have provided the intel to the Kyber team, and are coordinating with LE (law enforcement)”, Binance CEO CZ’s tweet reads.
KyberSwap was subjected to the exploit on Friday when it discovered a vulnerability to its website code that allowed exploiters to drain approximately $265,000. Kyber added that it discovered the exploit, which let attackers insert a “false approval, allowing a hacker to transfer a user’s funds to his address,” on September 1 and “neutralized” the threat within two hours.
The protocol further revealed that the exploiters would be rewarded with a 15% bug bounty if they returned the stolen funds. Kyber added that it is aware of the attacker’s crypto addresses and OpenSea marketplace profiles, so it will be difficult for them to “cash out.”
Kyber, further in its announcement, urged all DeFi projects to conduct a thorough check on your frontend code & associated Google Tag Manager (GTM) scripts as the attacker may have targeted multiple sites.
Two days after the attack, the Binance security team had identified the suspects behind the exploit. Binance added that it had shared the intel with KyberSwap. The crypto exchange further disclosed it had involved government authorities and law enforcement in the matter for further investigation.
In recent days, Binance has played an instrumental role in helping several hacked protocols identify the attackers or recover some stolen funds. Last month, Binance helped recover $450k of the Curve Finance stolen funds.
Through his Twitter account, Binance CEO CZ had disclosed that the exchange recovered $470,000 of the Curve stolen funds, representing more than 83% of the hack.
Binance security team’s involvement in helping hacked protocols identify attackers and recover funds has earned it the reputation of a big brother in the Web3 space. “Binance is now playing the role of a big brother in the crypto space. Binance has gone beyond securing its platform to securing the entire crypto ecosystem”, a reply under CZ’s tweet reads.