Tag: reimbursement plan

DeFi Platform Raft Compromised, Loses $3.3 Million in Ether

A massive security breach recently occurred on the DeFi platform known as Raft, which resulted in the theft of around $3.3 million worth of Ether (ETH). The fact that the hacker was able to effectively remove 1,577 ETH from the network demonstrates the continued difficulties with security that exist inside the DeFi ecosystem.

The hacker did something quite unusual and transferred 1,570 ETH to a burn address, which basically rendered the bulk of the stolen assets useless. In sharp contrast to the significant sum that had been stolen in the beginning, the attacker was left with just seven ETH after this. This peculiar behavior led to the hacker suffering a loss, despite the fact that he or she had previously been paid 18 ETH by means of a crypto mixer service in order to allegedly finance the assault.

After the assault, the value of the dollar-pegged stablecoin known as Raft’s R plummeted dramatically, falling by fifty percent relative to its previous level. After some time had passed, it had partly recovered to around 70 cents. Raft’s co-founder, David Garai, has said that the assault and its consequences for the platform are true. Raft is now concentrating its efforts on compensating impacted users by using the sDAI that is controlled by the protocol inside the Peg Stability Module. This move was made in an attempt to limit the extent of the harm.

The issue with the Raft is not an uncommon occurrence in the crypto space. A number of high-profile assaults on Defiant platforms have taken place during the last several months. For example, a well-known cryptocurrency exchange called Poloniex had its hot wallet compromised, resulting in a loss of around $114 million in bitcoin. A breach that cost CoinEx $54 million, a heist that cost HTX (previously Huobi Global) $7.9 million, and the Mixin Network suffering the greatest DeFi hack of 2023 with an estimated loss of $200 million owing to stolen private keys are some of the other noteworthy instances that have occurred.

As a result of these occurrences, there is a heightened awareness of the critical need for DeFi platforms to strengthen the security frameworks they have in place. Trust must be maintained within the ecosystem of decentralized finance, and one of the most important ways to do this is by protecting the user money. This episode should serve as a wake-up call for improved security processes and more diligent monitoring systems in order to forestall future occurrences of events of a similar kind.

KyberSwap's Response to $48.8 Million Hack: Workforce Halved and Victim Reimbursement Plans

The decentralized finance sector faced a significant setback when KyberSwap, a DeFi protocol, suffered a devastating hack in November 2023. The aftermath of this security breach has led to far-reaching consequences, including a drastic reduction in the platform’s workforce and efforts to support affected users.

On November 22, 2023, KyberSwap experienced a severe security exploit, resulting in a loss of approximately $48.8 million from its Elastic liquidity pools. This incident, labeled as the KyberSwap Elastic exploit, occurred at 10:54:09 PM UTC, marking a significant moment in the DeFi landscape. The hacker exploited a vulnerability in KyberSwap’s Elastic protocol, leading to unauthorized and exploitative swaps​​.

In response to this financial hit, Kyber Network’s CEO, Victor Tran, announced a regrettable but necessary decision to reduce their workforce by 50%. This move aims to keep the firm’s business operations sustainable in the wake of the financial losses incurred. Despite the challenging decision, Kyber Network emphasizes that its core business functions, including KyberSwap’s Aggregator and Limit Order features, remain intact. However, some initiatives, like the liquidity protocol and KyberAI project, have been temporarily paused​​​​.

Kyber Network has initiated a Treasury Grants Program to support users impacted by the hack. This program, which commenced on December 20, 2023, plans to distribute reimbursements in U.S. dollar stablecoins by February 1, 2024. Affected users are required to register for this reimbursement between January 11 and January 23, 2024. While the total reference value of losses nears $49 million, users will receive only 60% of this value, reflecting the financial constraints the platform faces. An additional $6.6 million was stolen from front-run bots in the aftermath of the primary exploit​​​​.

In a turn of events, the Kyber team attempted to negotiate a bounty deal with the hacker. However, the hacker’s demands were extreme, seeking complete control over Kyber Network, including all assets and its governance mechanism, KyberDAO. The hacker’s intention to buy the company at a fair valuation was not entertained by the Kyber team​​.

The exploit was characterized by DeFi expert Doug Colkitt as an “infinite money glitch,” a complex and carefully engineered smart contract exploit across several networks implementing KyberSwap pools. The affected networks included Avalanche, Polygon, Ethereum, and layer-2 networks such as Arbitrum, Optimism, and Base​​.

In summary, KyberSwap’s proactive steps to address the aftermath of the hack, including workforce reduction and plans to reimburse impacted users, demonstrate the challenges and resilience inherent in the DeFi sector. The incident underscores the importance of robust security measures and the need for continuous vigilance in the evolving landscape of decentralized finance.

Exit mobile version