This article is more than nine months old

The KyberSwap exploiter might be someone you know

The KyberSwap exploiter might be someone you know
DeFi
Shortly after the Kyber exploit, keen-eyed DeFi watchers noticed that a wallet connected to the Kyber exploiter sent $2 million to a wallet associated with Andean Medjedovic — the Indexed Finance exploiter.

A version of this story appeared in our The Decentralised newsletter. Sign up here.

GM, Tim here,

Here’s what caught my DeFi-eye recently:

  • The $48 million KyberSwap exploiter writes an unhinged ultimatum
  • Starknet confirms airdrop eligibility leak
  • A new DeFi project raises — but refuses VC money

KyberSwap exploiter demands takeover

After stealing $48 million from KyberSwap users in what some have called the most complex DeFi exploit ever, the attacker is back with an ultimatum.

“My demands are as follows:

  • Complete executive control over Kyber (the company)
  • Temporary full authority and ownership over the governance mechanism (KyberDAO) in order to enact legislative changes. My current wallet address is fine for this.
  • All documents and information related to company / protocol formation, structure, operation, revenues, profits, expenses, assets, liabilities, investors, salaries, etc.
  • Surrender of all Kyber (the company) assets. This is both On-chain and Off-chain assets. It includes but is not limited to: shares, equity, tokens (KNC and non-KNC), partnerships, blogs, websites, servers, passwords, code, social channels, any and all creative and intellectual property of Kyber.”

Read the full message here.

You might be wondering why the exploiter fancies attaching himself to a registered company, as they would need reveal their identity to do so.

But a clue to the exploiter’s identity may be able to shed some light on what they hope to accomplish.

Join the community to get our latest stories and updates

Shortly after the Kyber exploit, keen-eyed DeFi watchers noticed — and we confirmed — that a wallet connected to the Kyber exploiter sent $2 million to a wallet associated with Andean Medjedovic, the Indexed Finance exploiter.

There is no official confirmation. But any exploit would fall in line with a code is law mantra. Medjedovic declined our attempts to be interviewed about this topic.

To this day, Medjedovic maintains his exploits were not theft but merely profitable trades.

If it is indeed him, it may be that Medjedovic is looking to improve his image in the eyes of the law, in response to a 2021 warrant out for his arrest on charges relating to the hack. Getting control of Kyber would help in arguing such a case to local authorities.

Medjedovic previously told DL News he was in hiding after stealing $15 million from Indexed Finance in October 2021.

And it wouldn’t be the first time someone in crypto has attempted to improve their reputation.

Starknet confirms airdrop info leak

Ethereum layer 2 Starknet mistakenly published a webpage outlining eligibility criteria for its upcoming token airdrop, sparking a wave of excitement among DeFi users.

But for many, the excitement was short-lived. That’s because the criteria for receiving tokens were not as lax as many had hoped.

Starknet airdrop criteria

For those who have followed Starknet development over the years, the leaked criteria shouldn’t be a surprise.

Starkware’s creators have said on multiple occasions they want the planned STRK token airdrop to benefit those who genuinely contributed to its development, and not those trying to game the system.

Still, a post from the official Starknet Foundation X account emphasised that the leaked draft was not final, leaving the door open for additional criteria.

The post also confirmed that the cutoff date for becoming eligible for the airdrop had passed.

Curvance passes on venture capital money

Curvance, a new omnichain lending protocol, has announced a $3.6 million raise — but with a twist.

The protocol has eschewed the traditional route of tapping large venture capital firms for funding, and instead raised exclusively from individual contributors and DAOs.

Among those taking a punt on the new protocol are Polygon’s Sandeep Nailwal, Wormhole Labs CEO Saeed Badreg, and Frax DAO.

Curvance co-founder Chris Carapola told DL News that the decision to turn down big name VCs meant more work, but that it was “well worth it knowing our round is backed by individuals who have a personal stake in the game”

DeFi projects are receiving more and more scrutiny over who bankrolls them. Those that sold equity or tokens to the wrong venture firms often still suffer the negative baggage of doing so years later.

Solana and many of its DeFi projects are a prime example of this.

Drake meme VCs

Data of the week

November has officially become the worst month for crypto hacks this year.

The $126 million theft from Justin Sun’s Poloniex exchange marked the biggest loss in November followed by the Heco bridge at $86.6 million, and the KyberSwap exploit in third.

2023 hacks chart

This week in DeFi governance

PROPOSAL: DYdX wants to activate trading rewards and a six-month incentive program on dYdX Chain

VOTE: Arbitrum DAO to extend deadline for STIP and backfund grantees

VOTE: Alphagrowth finalises growth program for Compound

Post of the week

Euler Labs’ Laurence Day shows former Citi director Sean Tuffy that crypto really is what you make of it.

What we’re watching

Jito Labs is the latest Solana DeFi protocol to announce a token airdrop.

Some onlookers speculate that Jito power users could walk away with more than $100,000, depending on how the market values the upcoming JTO token.

Have you joined our Telegram channel yet? Check out our news feed for the latest breaking stories, community polls, and of course — the memes.

Tim Craig is DL News’ Edinburgh-based DeFi Correspondent. Reach out with tips at tim@dlnews.com.

Update, December 6: This article has been updated to reflect that DL News attempted to contact Medjedovic for comments.