Unknown hacked DEX KyberSwap at the frontend level

Unknown hacked DEX KyberSwap at the frontend level

Unidentified people hacked KyberSwap's DEX on front-end level

Hackers hacked the front-end of the non-custodial exchange KyberSwap DeFi project Kyber Network. User damage amounted to 265,000 USDC.

On September 1, KyberSwap developers detected suspicious activity at the front-end level. After closing the interface for investigation, they discovered malicious code in the Google Tag Manager (GTM) tool.

The exploit inserted a false approval for a transaction, allowing hackers to transfer user funds to their addresses.

Command restarted the interface less than two hours later, removing the malicious code from GTM. 

The attack affected two addresses. The developers assured that the victims will receive full compensation. In their opinion, the attackers were targeting the wallets of the whales.

The KyberSwap team identified the addresses of hackers in the Ethereum and Polygon networks, and also contacted various exchanges to track and block the movement of stolen assets.

According to PeckShield, the attackers withdrew the initial tools for the attack from the BitMart centralized platform.

KyberSwap invited the hackers to contact them and return the stolen funds for a reward of 15% of the amount.

According to Dune Analytics, the platform ranks 18th in the DEX rankings in terms of weekly trading volume with a figure of $2.57 million. leading Uniswap — $8.8 billion

What is a decentralized exchange (DEX)?

Recall that in August the FBI issued a warning about the most common security vulnerabilities used by cybercriminals to attack DeFi platforms.

Read ForkLog bitcoin news in our Telegram — cryptocurrency news, rates and analytics.