KyberSwap
A decentralized exchange drained of about $48M in November 2023 via a complex exploit of its Elastic concentrated-liquidity pools. The attacker then posted an on-chain 'treaty' demanding full executive control of the Kyber company in exchange for the funds.
Also known as: KyberSwap, Kyber Network, Kyber Director
Summary
KyberSwap is a decentralized exchange. Around November 22–23, 2023, an attacker exploited a flaw in its "Elastic" concentrated-liquidity pools to drain roughly $48 million across several chains, after which the protocol urged users to withdraw funds. [1][2]
Unusual demands
About a week later the attacker — styling themselves "Kyber Director" — posted an on-chain message demanding complete executive control of Kyber Network (the company), temporary control of its governance DAO, and all corporate documents and assets, in exchange for returning the funds; they promised to double staff salaries and reimburse liquidity providers. The demands were not met. KyberSwap separately recovered several million dollars from front-running ("MEV") bots that had skimmed the exploit. [1][2]
Bracketed numbers refer to the numbered sources listed below.
People & entities involved
Sources (2)
See also
- Loci (LOCIcoin)TokensA 2017–2018 ICO for 'LOCIcoin' tied to the InnVenn IP-search platform. The SEC charged Loci and CEO John Wise with fraud for raising $7.6M on false claims about revenue, headcount, and user base; Wise also misused investor funds. Settled with a $7.6M penalty and an officer/director bar.
- Blockchain Terminal (BCT)TokensA 2017–2018 ICO (BCT tokens, ~$30M) for a 'Blockchain Terminal' — a Bloomberg-style crypto trading terminal. The SEC and DOJ said convicted ex-hedge-funder Boaz Manor secretly ran it under a fake identity ('Shaun MacDonald'), using associate Edith Pardo as a front, and lied about the product's adoption.
- Crowd Machine (CMCT)Tokens
This page was last updated on Jun 8, 2026. View revision history.