KyberSwap hacker demands full control over Kyber in bizarre on-chain message
Quick Take
- The hacker responsible for draining $47 million from decentralized exchange protocol KyberSwap has demanded full control over the company behind the project in a bizarre on-chain message.
- The attacker said it was their “best” and “only” offer, giving Kyber until Dec. 10 to respond before the “treaty” deal falls through.
The hacker responsible for draining $47 million from decentralized exchange protocol KyberSwap last week outlined their demands in a bizarre on-chain message.
The attacker’s demands include complete control over the company behind Kyber, “temporary” complete control over the project’s governance mechanism (KyberDAO) to enact “legislative changes,” and “all documents and information related to company/protocol formation, structure, operation, revenues, profits, expenses, assets, liabilities, investors, salaries, etc.” They also demanded the surrender of all company on-chain and off-chain assets, including shares, equity, 
KNC
+0.057%
and other held tokens, websites, servers, passwords, code, social channels and all intellectual property.
If the demands are met, the hacker said they will buy out company executives at a fair valuation, saying: “You haven't done anything wrong. A small error was made, rounding in the wrong direction, it could have been made by anyone. Simply bad luck.” The attacker said remaining employees would have their salaries doubled, and those not wanting to stay would receive a 12-month severance package.
“Token holders and investors, under this treaty, your tokens will no longer be worthless,” the attacker continued. “Under my management, Kyber will undergo a complete makeover. It will no longer be the 7th most popular DEX, but rather, an entirely new cryptographic project.”
Liquidity providers who deposited crypto assets to KyberSwap’s liquidity pools would also receive a 50% rebate on losses that occurred from recent market-making activity, the attacker added — saying it was “more than you deserve.”
Final offer
The attacker said this was their best and only offer. If the demands are unmet by Dec. 10, their “treaty” deal will fall through.
The hacker also warned that if they were “contacted by agents from any of the 206 sovereignties” concerning their activity, the deal would be void and rebates zeroed.
“Kyber is one of the original and longest-running DeFi protocols. No one wants to see it go under,” they added.
Following the attacker’s message, co-founder of KyberSwap Victor Tran posted on X, “No one f***ing cares about Kyber users like we do. You deserve the best. Message tomorrow.”
A $47 million exploit
The on-chain message comes roughly a week after $47 million was suspiciously drained from KyberSwap’s Elastic Pools liquidity solution and two days after the hacker promised to outline a potential deal.
KyberSwap advised all users to withdraw their funds in the immediate aftermath of the incident and later offered up a 10% bounty to whoever was responsible for the exploit.
On Monday, the KyberSwap team said it had separately managed to recover $4.7 million in previously drained funds.
The hacker has also been linked to an attack on Indexed Finance, an Ethereum-based project that was hacked for $16 million in 2021.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
