Kyber Network lost $265,000 due to exploit in the user interface

The Kyber Network DeFi protocol was exploited in which hackers managed to steal $265,000. They were asked to return the funds for a reward of 15% of the stolen amount.

Kyber Network specialists reported that they noticed a suspicious element in the external user interface. After disabling it for testing purposes, they discovered malicious code in the Google Tag Manager (GTM) tracking code management and analytics tool.

The malware inserted a false confirmation into the script, thereby allowing hackers to transfer other people’s funds to their address. The Kyber Network team disabled GTM, removed this script, and restored the user interface. In addition, experts were able to identify several suspicious addresses that were active during the exploit.

Two users suffered from the attack, the total amount of losses of which amounted to $265,000. Kyber Network promised to compensate them for the damage. Despite the elimination of the threat, experts called on DeFi projects to check their user interfaces and GTM scripts. Kyber Network also turned to the hackers, inviting them to enter into a dialogue:

“We know the addresses to which you received funds from centralized exchanges, so we can track you. We also know that you have OpenSea accounts and we can track you through NFT communities or directly through OpenSea. When exchanges block you, you will not be able to cash out without revealing your identity. Therefore, we are offering you 15% of the stolen amount as a reward for finding bugs, if you return all the stolen money and talk to our team.”

Note that not all hacker attacks are successful. In August, an attacker tried to break into the Rainbow Bridge, but the attack was immediately stopped. As a result, the hacker himself lost ETH in the amount of about $8,000.