- Attackers took control of the app’s front end by exploiting a weakness in the GTM script.
- Binance had identified two suspects and passed on the information.
Kyber Network, a DEX, has announced that the attack vector responsible for last week’s vulnerability has been successfully found and deleted. Earlier, the platform said in a blog post that the assault had been neutralized and the KyberSwap website and user interface were secure the same day it was detected.
1/ Interim Update: Hack Is Removed, KyberSwap is Secure, & Next Steps
— Kyber Network (@KyberNetwork) September 6, 2022
On the 2 Sept, we shared the discovery of our front-end exploit on KyberSwaphttps://t.co/6XIXPhyfsc
Today, we can provide some interim, official & positive updates ⬇️
A preliminary report from the DeFi platform states that two wallets were compromised. One of them received complete financial compensation. Kyber is working with partners in the industry, top security professionals, and law enforcement to track down the hackers and recover the stolen assets. Additionally, it reaffirmed that more information on the incident and its causes will be made available later this month.
No Response to the Bug Bounty Reward
Kyber Network, the liquidity protocol upon which KyberSwap is based, was attacked on its front end on September 1st. They found a flaw in the website’s code that allowed attackers to take control of the app’s front end by exploiting a weakness in the Google Tag Manager (GTM) script.
According to the company’s statement, the attackers injected malicious content through GTM, tricking customers into sending money to their address. The hackers made off with $265,000.
The KyberSwap team then revealed that the attackers had stealthily released the malicious malware. It had targeted Ethereum and Polygon whale wallets. It also offered 15% of the revenue from a $265,000 exploit as a bug reward and assured impacted consumers they would be reimbursed in full. The hackers so far have not responded to the bug bounty offer.
#Binance security team has identified two suspects for yesterday's KyberSwap hack. We have provided the intel to the Kyber team, and are coordinating with LE (law enforcement).
— CZ 🔶 Binance (@cz_binance) September 3, 2022
Stay #SAFU. https://t.co/tbQBGaGTNG
Approximately 48 hours later, Binance, a cryptocurrency exchange, had identified two suspects. The exchange communicated that information with KyberSwap and concerned law enforcement authorities.
Recommended For You: