Binance Identifies Suspects Who Stole From KyberSwap Whales

DeFi platform KyberSwap suffered a frontend security breach last week that allowed hackers to steal crypto from two whale wallets


Source: Shutterstock


key takeaways

  • KyberSwap has offered a 15% bounty to its hackers if the stolen funds are returned
  • Binance previously helped recover funds stolen from Curve Finance and Axie Infinity

Binance may have helped crack last week’s $265,000 hack on decentralized exchange (DEX) platform KyberSwap.

Binance CEO Changpeng Zhao said on Saturday that his exchange’s security team identified two suspects behind the attack, and that their identities have been forwarded to the KyberSwap team. 

On Sept. 1, KyberSwap issued an alert to notify users that a hacker exploited a frontend vulnerability which led to the draining of two whale wallets on Ethereum and Polygon. 

The team discovered malicious code in its Google Tag Manager (GTM) which led to fraudulent transaction approvals, which allowed a hacker to transfer user funds to their account. The GTM was then disabled, according to a blog.

“The script had been discreetly injected and specifically targeting whale wallets with large amounts,” KyberSwap said.

The DeFi platform, which doubles as both a DEX and a liquidity protocol, offered a 15% bounty (around $40,000) to the hacker if they returned the funds and spoke with the team. Compromised addresses would be fully compensated, the network said.

Loading Tweet..

Around the same time as the KyberSwap incident, privacy-focused startup ShadowFi also suffered a cyberattack leading to around $301,000 in losses. PeckShield identified the hacker as NeorderDAO, a little-known crypto collective whose website is now offline.

Binance has often shown commitment to helping out crypto projects. Last month, the exchange managed to recover a majority of the funds hackers stole from DeFi protocol Curve Finance. It also helped Axie Infinity recover nearly $6 million allegedly stolen by North Korean hacking unit Lazarus Group in April. 

DeFi hacks have been exploding in the past two years, hitting over $1.2 billion in the first quarter of this year alone, according to Immunefi. The Federal Bureau of Investigation recently warned against such exploits, saying cyber criminals are on the lookout to abuse the complexity of cross-chain functionality. 

Kyber’s KNC token has fallen 5% since the hack to $1.65, data from TradingView shows.

Get the day’s top crypto news and insights delivered to your email every evening. Subscribe to Blockworks’ free newsletter now.

Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from Blockworks Research’s Daily Debrief.

Can’t wait? Get our news the fastest way possible. Join us on Telegram and follow us on Google News.


upcoming event

MON - WED, MARCH 18 - 20, 2024

Digital Asset Summit (DAS) is returning March 2024. This year’s event will be held in our nation’s capital, where industry leaders, policymakers, and institutional experts will come together to discuss the latest developments and challenges in the ever-evolving world of cryptocurrency. […]

upcoming event

MON - WED, SEPT. 11 - 13, 2023

2022 was a meme.Skeptics danced, believers believed.Eventually, newcomers turned away, drained of liquidity and hope.Now, the tide is shifting and it’s time to rebuild. Permissionless II is the brainchild of Blockworks and Bankless. It’s not just a conference, but a call […]

recent research

Cosmos Hub: ATOM Economic Zone


Replicated Security, the Hub’s Validation-as-a-Service offering that went live in March, is the first step in bringing value accrual to ATOM stakers.



Bitcoin price predictions are meaningless, so let’s expend our prediction energy on something that actually matters


A new complaint against Elon Musk and Tesla alleges that Musk manipulated both bitcoin and dogecoin


Kenya’s central bank doesn’t seem enamored by the idea of a CBDC but hasn’t slammed the door shut yet


Both Ethereum and Solana have enjoyed vibrant DeFi environments, but this has not yet been the case for Cosmos


As Japan takes important step forward on stablecoins, industry participants say, proposed US laws around such crypto assets remain in flux


Stablecoins offer global financial access and on-chain transactions without limitations, while FedNow falls short in terms of utility, global reach and inclusivity