The Decentralised
Posts
The Decentralised: Who is the Kyber exploiter?

The Decentralised: Who is the Kyber exploiter?

Tim Craig
December 05, 2023

GM, Tim here,

Here’s what caught my DeFi-eye recently:

The $48 million KyberSwap exploiter writes an unhinged ultimatum
A Starknet airdrop is coming but you probably won’t be eligible
A new DeFi project raises — but refuses VC money

KyberSwap exploiter demands takeover

After stealing $48 million from KyberSwap users in what some have called the most complex DeFi exploit ever, the attacker is back with an ultimatum.

“My demands are as follows:

Complete executive control over Kyber (the company)
Temporary full authority and ownership over the governance mechanism (KyberDAO) in order to enact legislative changes. My current wallet address is fine for this.
All documents and information related to company / protocol formation, structure, operation, revenues, profits, expenses, assets, liabilities, investors, salaries, etc.
Surrender of all Kyber (the company) assets. This is both On-chain and Off-chain assets. It includes but is not limited to: shares, equity, tokens (KNC and non-KNC), partnerships, blogs, websites, servers, passwords, code, social channels, any and all creative and intellectual property of Kyber.”

Read the full message here.

You might be wondering why the exploiter fancies attaching himself to a registered company, as they would need reveal their identity to do so.

But a clue to the exploiter’s identity may be able to shed some light on what they hope to accomplish.

Shortly after the Kyber exploit, keen-eyed DeFi watchers noticed that a wallet connected to the Kyber exploiter sent $2 million to a wallet associated with Andean Medjedovic — the Indexed Finance exploiter.

While there is no official confirmation, in public DeFi circles it’s commonly assumed that Medjedovic exploited KyberSwap.

Medjedovic’s actions fall in line with the code is law mantra. To this day he maintains his exploits were not theft but merely profitable trades.

It may be that Medjedovic is looking to legitimise his actions in the eyes of the law, in response to a 2021 warrant out for his arrest on charges relating to the hack. Getting control of Kyber would help in arguing such a case to local authorities — wherever he is.

Medjedovic previously told DL News he was in hiding after stealing $15 million from Indexed Finance in October 2021.

And it wouldn’t be the first time someone questionable in crypto has attempted to improve their reputation. Just look at Michael Patryn, better known online as 0xSifu.

Starknet confirms airdrop info leak

Ethereum layer 2 Starknet mistakenly published a webpage outlining eligibility criteria for its upcoming token airdrop, sparking a wave of excitement among DeFi users.

But for many, the excitement was short-lived. That’s because the criteria for receiving tokens were not as lax as many had hoped.

For those who have followed Starknet development over the years, the leaked criteria shouldn’t be a surprise.

Starkware’s creators have said on multiple occasions they want the planned STRK token airdrop to benefit those who genuinely contributed to its development, and not those trying to game the system.

Still, a post from the official Starknet Foundation X account emphasised that the leaked draft was not final, leaving the door open for additional criteria.

The post also confirmed that the cutoff date for becoming eligible for the airdrop had passed.

Curvance passes on venture capital money

Curvance, a new omnichain lending protocol, has announced a $3.6 million raise — but with a twist.

The protocol has eschewed the traditional route of tapping large venture capital firms for funding, and instead raised exclusively from individual contributors and DAOs.

Among those taking a punt on the new protocol are Polygon’s Sandeep Nailwal, Wormhole Labs CEO Saeed Badreg, and Frax DAO.

Curvance co-founder Chris Carapola told DL News that the decision to turn down big name VCs meant more work, but that it was “well worth it knowing our round is backed by individuals who have a personal stake in the game”

DeFi projects are receiving more and more scrutiny over who bankrolls them. Those that sold equity or tokens to the wrong venture firms often still suffer the negative baggage of doing so years later.

Solana and many of its DeFi projects are a prime example of this.

Data of the week

November has officially become the worst month for crypto hacks this year.

The $126 million theft from Justin Sun’s Poloniex exchange marked the biggest loss in November followed by the Heco bridge at $86.6 million, and the KyberSwap exploit in third.

This week in DeFi governance

PROPOSAL: DYdX wants to activate trading rewards and a six-month incentive program on dYdX Chain

VOTE: Arbitrum DAO to extend deadline for STIP and backfund grantees

VOTE: Alphagrowth finalises growth program for Compound

Post of the week

Euler Labs’ Laurence Day shows former Citi director Sean Tuffy that crypto really is what you make of it.

— laurence (@functi0nZer0)
9:03 AM • Dec 2, 2023

What we’re watching

Seems very likely some people will get 6 figs from $JTO airdrop
Will drop calculator for $JUP + $JTO airdrops later today
— Anders◼️🇺🇸 (@ponzirespecter)
7:24 PM • Dec 4, 2023

Jito Labs is the latest Solana DeFi protocol to announce a token airdrop.

Some onlookers speculate that Jito power users could walk away with more than $100,000, depending on how the market values the upcoming JTO token.

Got a tip about DeFi? Reach out at [email protected].

DL News is an independent news organisation that provides original, in-depth reporting on the largely misunderstood world of cryptocurrency and decentralised finance. From original stories to investigations, our journalism is accurate, honest and responsible.

Forwarded by a friend? subscribe here.