KyberSwap exploiter linked to $50M HXA token movement
Blockchain security firm Cyvers detected a movement of $50 million in HXA tokens, the native utility token of the Herencia Artifex NFT project, linked to the KyberSwap exploiter.
The KyberSwap exploiter’s address received these tokens from an Ethereum address via the “transfer from” function.
Decentralized application (DApp) users commonly use the “transfer from” function. It refers to a mechanism by which one party (sender) can transfer or send tokens from the balance of another party (owner) to a third-party address. However, improper use or vulnerabilities in implementing such functions can lead to security concerns.
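The allowance rule behind “transfer from” can be checked from the defender's side. The following added example (not from the original article or from Cyvers) replays decoded `approve` and `transferFrom` calls and flags any transfer that spent more than the owner had approved. The record format and the party names are constructed assumptions for illustration.

```python
from collections import defaultdict

UNLIMITED = 2**256 - 1  # many token implementations never decrement this allowance


def find_unapproved_transfers(calls):
    """Replay decoded approve/transferFrom calls in order and return the
    transferFrom calls that spent more than the owner had approved."""
    allowance = defaultdict(int)  # (owner, spender) -> remaining approved amount
    findings = []
    for index, call in enumerate(calls):
        if call["fn"] == "approve":
            # approve() is issued by the owner and overwrites the previous allowance.
            allowance[(call["caller"], call["spender"])] = call["amount"]
        elif call["fn"] == "transferFrom":
            key = (call["owner"], call["caller"])
            approved = allowance[key]
            if call["amount"] > approved:
                findings.append({"index": index, "owner": call["owner"],
                                 "spender": call["caller"], "to": call["to"],
                                 "amount": call["amount"], "approved": approved})
                continue  # a correct token would have reverted, so debit nothing
            if approved != UNLIMITED:
                allowance[key] = approved - call["amount"]
    return findings


# Constructed sample trace (placeholder names, not addresses from the incident).
SAMPLE_CALLS = [
    {"fn": "approve", "caller": "owner_a", "spender": "dapp_router", "amount": 100},
    {"fn": "transferFrom", "caller": "dapp_router", "owner": "owner_a",
     "to": "pool", "amount": 60},
    {"fn": "transferFrom", "caller": "dapp_router", "owner": "owner_a",
     "to": "pool", "amount": 60},
    {"fn": "transferFrom", "caller": "unknown_eoa", "owner": "burn_address",
     "to": "unknown_eoa", "amount": 5000},
]

if __name__ == "__main__":
    for finding in find_unapproved_transfers(SAMPLE_CALLS):
        print(finding)
```

A burn address has no key holder who could ever call `approve`, so any successful “transfer from” out of one shows up here with an approved amount of zero.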
ALERT: Our system has detected an abnormal transaction related to the @KyberNetwork exploiter.
The address funded by the @KyberNetwork exploiter has received $50M worth of $HXA from the 0x0..000dEaD $ETH address using transferfrom function!
Address: https://t.co/byZyFaorNA.… — Cyvers Alerts (@CyversAlerts) December 8, 2023
Cyvers says the security breach is related to a potential flaw in the Multicall function, which is part of the Thirdweb libraries used in the HXA token’s smart contract. It has put this idea forward in its report and encourages interested parties to join the investigation to fully understand the exploit’s scope and consequences.
The Cyvers team said that the funds acquired by the KyberSwap exploiter were spread across various externally owned accounts (EOAs), which are now recognized as the top HXA token holders.
Cryptocurrency exchange MEXC has temporarily halted HXA token withdrawals and deposits. However, according to the exchange, the halt is not directly tied to security worries about the hack, but rather to the abnormal on-chain operation of HXA.
In yet another twist to the tale, the official website of the HXA coin, hxacoin.io, is currently inaccessible, leaving investors and stakeholders locked out of official information and updates. No explanation for the w
Hackers drained about $46 million in crypto assets from the decentralized KyberSwap exchange last month.