KyberSwap, a DeFi platform has informed that it has suffered an exploit to its front-end web code. By which attackers were able to steal about $265,000 in cryptocurrency funds before the Kyber team was able to shut down the attack.
KyberSwap allows for the exchange of cryptocurrency assets between blockchains on a decentralized token exchange and acts as a market maker for its users, allowing them to exchange tokens at the best market rates. Kyber’s smart contracts did not host the vulnerability. Instead, the problematic code was discovered in the user interface.
Google Tag Manager scripts are commonly used by websites to track users for analytics, such as what pages are visited, how long they stay, and what IP addresses they visit from. Google’s analytics scripts hold almost 70% of the market share of total analytics across the web.
But in Kyber’s case, the Google Tag Manager that came may have been corrupted by a bad actor, inserting the malicious code.
Kyber has disabled the front-end user interface and quickly communicated it to the community. The malicious code was discovered and the GTM was then also disabled.
Although the team cut off the attackers, they were still able to take $265,000 worth of Aave Matic USDC tokens from two different “whale accounts” in four transactions. Whales are referred to as people or entities who hold large amounts of cryptocurrency.
The team went on to urge other protocols and companies working within DeFi to audit their code, especially when working with third-party libraries.
Now, Kyber Network team is offering a 15% bounty, worth $40,000, to the hackers upon the return of the stolen funds.