KyberSwap Attacker Drains Funds Using «Infinite Money Glitch»

A sophisticated hack has drained millions of dollars from the decentralized finance (DeFi) platform KyberSwap. The attacker exploited a smart contract bug that allowed them to generate an infinite amount of cryptocurrency.The attack was first reported on social media by Ambient exchange founder Doug Colkitt, who labeled the exploit an «infinite money glitch.»

The glitch reportedly allowed the attacker to mint an unlimited amount of KyberSwap’s native token, KNC, which they then used to drain the platform’s liquidity pools.The full extent of the attack is still being investigated, but it is estimated that the attacker stole around $26 million worth of cryptocurrency. The attack is a major setback for KyberSwap, which is one of the largest DeFi platforms by trading volume.

How the Attack Worked

The attack reportedly exploited a bug in KyberSwap’s smart contracts that allowed the attacker to manipulate the platform’s pricing oracle. The pricing oracle is a system that KyberSwap uses to determine the price of cryptocurrencies. By manipulating the pricing oracle, the attacker was able to create arbitrage opportunities that allowed them to generate an infinite amount of KNC.

Impact of the Attack

The attack on KyberSwap is a stark reminder of the risks associated with DeFi. DeFi platforms are decentralized, which means that they are not controlled by any single entity. This makes them vulnerable to attacks, as there is no central authority to fix bugs or patch vulnerabilities.

The attack has also raised concerns about the security of smart contracts. Smart contracts are self-executing contracts that are stored on the blockchain. They are used to automate many of the functions of DeFi platforms. However, smart contracts can be complex and difficult to audit, which makes them vulnerable to bugs and exploits.

What Can Be Done to Prevent Future Attacks?

There are a number of things that can be done to prevent future attacks on DeFi platforms.

  1. Smart contracts should be audited by independent security experts.
  2. Platforms should have a bug bounty program to incentivize security researchers to find and report bugs.
  3. Platforms should have a mechanism for rolling back transactions in the event of an attack.

The attack on KyberSwap is a major wake-up call for the DeFi industry. Platforms need to take steps to improve the security of their smart contracts and to protect their users from attacks.

We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. View more
Accept