Federal prosecutors in the United States have recently charged a Canadian national, Andean Medjedovic, with exploiting vulnerabilities in two decentralized finance protocols, KyberSwap and Indexed Finance. The exploits allegedly resulted in the theft of millions of dollars' worth of cryptocurrency, followed by attempts to cover the tracks of the illegal activity.
Medjedovic, a mathematics graduate from the University of Waterloo, is facing charges of wire fraud, computer hacking, attempted extortion, and money laundering in connection with the alleged exploits on the two platforms. The Justice Department announced the charges on Feb. 3, highlighting the manipulation of smart contracts on both KyberSwap and Indexed Finance by Medjedovic.
According to the charges, Medjedovic used deceptive trades to trick automated systems into miscalculating key values, leading to the draining of $48.8 million from KyberSwap in 2023 and $16.5 million from Indexed Finance in 2021. The indictment states that through these manipulations, Medjedovic was able to withdraw funds at artificial prices, leaving investors with essentially worthless investments.
The indictment also reveals the meticulous planning behind the KyberSwap exploits, with Medjedovic maintaining files labeled with terms like “KYBER_KILL” and “templateexploit,” as well as creating a “POOL HIT LIST” to target liquidity pools strategically. He even calculated the optimal time for the attack to coincide with when potential victims in different time zones would likely be asleep.
After the attacks, Medjedovic allegedly attempted to extort KyberSwap developers, investors, and DAO members by demanding control of the protocol in exchange for returning 50% of the stolen funds. In an effort to cover his tracks, he and an associate laundered the stolen crypto through mixers and blockchain bridges, and opened accounts at crypto exchanges using fake identities to liquidate his holdings discreetly.
Despite these efforts, one bridge protocol froze his transactions, leading Medjedovic to pay an undercover law enforcement agent $85,000 in an attempt to unlock $500,000 of his frozen crypto. If convicted, he faces significant penalties, including up to 20 years in prison for each count of wire fraud, attempted extortion, and money laundering, as well as 10 years for unauthorized damage to a protected computer.
Law enforcement agencies are actively pursuing Medjedovic, who remains at large. Meanwhile, KyberSwap has announced a treasury program to compensate users affected by the hack, with the grant being fully distributed to 1,371 recipients. The protocol continues to work towards ensuring the security and integrity of its platform in the wake of these exploits.