DeFi Liquidity Hub Suffers Frontend Exploit

Canadian NetWalker Ransomware Hacker Pleads Guilty in US Court

Kyber Network, the multi-chain DeFi liquidity hub has suffered an exploit, the team has announced. 

According to the announcement, Kyber Network noticed a suspicious element on their front end and has shut down frontend operations to conduct an investigation. 

They were also able to compile a list of suspicious wallet addresses being active during the time of the exploit. 

At the time of writing, $265,000 worth of assets were lost, with two addresses affected. It seems that the hackers were targeting ‘whale’ addresses.

The team promised to reimburse the amount of assets lost. And while Kyber Network says the threat was neutralized, it cautioned against any suspicious activity with the users’ wallets, at the same time urging all DeFi projects to check their frontends and associated Google Tag Manager (GTM) scripts.

Kyber Network Statement

According to a statement from Kyber, “On 1 Sep, 3.24PM GMT+7, we identified a suspicious element on our frontend. Shutting down our front end to conduct investigations, we identified a malicious code in our Google Tag Manager (GTM)which inserted a false approval, allowing a hacker to transfer a user’s funds to his address. At 4pm GMT+7 we announced to our community that we had disabled the UI, during which we investigated the cause of the frontend exploit. A malicious code in our GTM was identified upon which we disabled GTM.

“Conducting further checks, we found that after disabling GTM, the bad script was eliminated with no further suspicious activity. The script had been discreetly injected and specifically targeting whale wallets with large amounts. We restored the UI, with the steps after to identify all of the attackers’ addresses, and identify the extent of the damage, and which addresses were affected. We announced the UI going live again at 5.46pm GMT+7.”

This is a developing story.

Join the discussion in our Telegram channel. You can also catch us on Tik Tok, Facebook, or Twitter.


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Source link

Be the first to comment

Leave a Reply

Your email address will not be published.