KyberSwap DEX hacker sends an on-chain message: Be nice, or else

The exploiter behind the $46 million KyberSwap hack says they plan to outline a treaty for the potential return of funds on Nov. 30, but not if threats and hostilities from execs keep up.

The exploiter behind the $46 million crypto theft against KyberSwap has demanded its execs and tokenholders ease up on the hostilities, threatening to push out negotiations until everyone is “more civil.”

In an on-chain message addressed to KyberSwap executives, tokenholders and liquidity providers on Nov. 28, the exploiter said they plan to release a statement around a potential treaty with KyberSwap on Nov. 30 — but won’t do it if hostilities continue.

“I said I was willing to negotiate. In return, I have received (mostly) threats, deadlines, and general unfriendliness from the executive team,” they said.

“Under the assumption that I am treated with further hostility, we can reschedule for a later date, when we all feel more civil,” they warned.

The team behind KyberSwap — a cross-chain decentralized exchange — initially suggested a bounty deal where the hacker returns 90% of the funds across all exploits, allowing the hacker to keep the remaining 10%.

But they followed up with a threat to pursue legal action after the hacker didn’t comply straight away.

“We have reached out to law enforcement and cybersecurity on this case. We have your footprints to track you,” the KyberSwap team said in a Nov. 25 on-chain message, adding:

“So it’s better for you if you take the first offer from our previous message before law enforcement and cybersecurity track you down.”

KyberSwap also told the hacker they would initiate a public bounty program to incentivize anyone providing information to support law enforcement that may lead to their arrest and the recovery of user funds.

The team behind KyberSwap has already managed to recover $4.67 million from the $46 million exploit on Nov. 26 from operators of front-running bots, which managed to extract around $5.7 million in crypto from KyberSwap pools on the Polygon and Avalanche networks.

The team hasn’t yet responded to the exploiter’s latest message on X (formerly Twitter) and is presumably waiting to see the new treaty proposed by the hacker.

Related: KyberSwap announces potential vulnerability, tells LPs to withdraw ASAP

A day after the Nov. 22 hack, decentralized finance pundit Doug Colkitt said the attacker used an “infinite money glitch” to carry out a “complex and carefully engineered smart contract exploit” across several networks implementing KyberSwap pools.

Funds were exploited from Avalanche, Polygon and Ethereum and layer-2 networks Arbitrum, Optimism and Base.

KyberSwap runs on Kyber Network, a blockchain-based liquidity hub that aggregates liquidity across different blockchains and enables the exchange of tokens without an intermediary.

Magazine: This is your brain on crypto: Substance abuse grows among crypto traders

bitcoin
Bitcoin (BTC) $ 98,575.41
ethereum
Ethereum (ETH) $ 3,472.72
tether
Tether (USDT) $ 0.999364
bnb
BNB (BNB) $ 705.12
xrp
XRP (XRP) $ 2.28
solana
Solana (SOL) $ 197.79
dogecoin
Dogecoin (DOGE) $ 0.331079
matic-network
Polygon (MATIC) $ 0.516119
chainlink
Chainlink (LINK) $ 24.62
shiba-inu
Shiba Inu (SHIB) $ 0.000023
nexo
NEXO (NEXO) $ 1.38
enjincoin
Enjin Coin (ENJ) $ 0.239762
cardano
Cardano (ADA) $ 0.911483