KyberSwap announced that $265,000 in user funds were stolen after a hacker exploited the multichain DEX aggregator’s front end.
The company confirmed the hacking incident, followed by announcing that compensation would be made to the victims of the attack. A 15% bounty will be released for the hacker if all the funds are returned and if the hacker speaks directly with the KyberSwap team.
According to the details released from KyberSwap, the hacker exploited the code initially at approximately 2:30 am EST. “We identified a malicious code in our Google Tag Manager (GTM) which inserted a false approval, allowing a hacker to transfer a user’s funds to his address,” the company said in its official notice.
The notice further explained that the hacker had discreetly injected the script to target whale wallets with large amounts specifically.
Following investigations, the company was able to neutralize the exploit within two hours.
The company has also urged users to proceed with using its platform with caution for the time being.
However, the attack on KyberSwap was comparatively smaller than other recent attacks on DeFi projects, which have seen numerous multimillion-dollar thefts of users’ funds.
However, it does highlight the wide range of ways DeFi users are vulnerable to attacks.
Image source: Shutterstock