Kyber, a multi-chain decentralized finance (DeFi) platform, discovered a vulnerability in its website code that allowed exploiters to run away with approximately $265,000.
Two “whale” addresses appeared to be impacted by the attack, according to Kyber, which plans to reimburse the losses. Kyber said it discovered the exploit, which let attackers insert a “false approval, allowing a hacker to transfer a user’s funds to his address,” on Sept. 1 and “neutralized” the threat within two hours.
The exploit hit KyberSwap, a decentralized exchange that allows users to swap between currencies on different blockchains. KyberSwap’s blockchain contracts were not affected. The problem stemmed from malicious Google Tag Manager code in the KyberSwap website, according to a statement from Kyber.
“We strongly urge all #DeFi projects to conduct a thorough check on your frontend code & associated Google Tag Manager (GTM) scripts as the attacker may have targeted multiple sites,” Kyber tweeted.
The attack on Kyber was relatively small in comparison with other recent attacks on DeFi projects, which have seen numerous multimillion-dollar thefts of users’ funds. However, it once again highlights the wide range of ways DeFi users are vulnerable to attacks.