According to Zombit’s previous report, decentralized exchange platform Kyber Network suffered a hack of over 48 million dollars in assets due to a contract vulnerability. It is reported that this hacker is also related to the Indexed Finance attack incident in 2021, which resulted in a loss of 16 million dollars.
After the attack, the Kyber team negotiated with the hacker through on-chain messages. The team expressed willingness to pay a 10% white hat bounty, while the hacker claimed to make a statement on potential negotiation terms on the 30th. Yesterday, the hacker fulfilled the promise and released a contract through on-chain messages. However, the content of this contract not only lacks sincerity but can also be said to be unrealistic.
In this contract, the hacker demands full control of Kyber (the company) and KyberDAO’s executive and control rights, access to all documents and information related to the company, and handing over all on-chain and off-chain assets of Kyber. Once the demands are met, the hacker is willing to provide the following in return:
– Buyout of shares from the top management at a reasonable valuation.
– Doubling of employee salaries, with one year severance pay for departing employees.
– Restructuring of Kyber for the benefit of token holders and investors.
– Liquidity providers affected by the hack will be able to recover 50% of their losses.
The hacker issued a final warning that this is the only proposal, and if the demands are not met by December 10th or if any national agents contact him, the terms will be voided directly, meaning he will not return any money.
After receiving the message from the hacker, KyberSwap co-founder Victor Tran posted on X claiming that nobody cares about Kyber users like they do, indicating they consider themselves the best guardians of users and stating that they will respond to the attacker’s message soon.