On the evening of November 30, 2023, the drama surrounding the KyberSwap hack took a new twist as the hacker made a bold reconciliation offer.
Specifically, the KyberSwap attacker sent a message on the blockchain, outlining their demands:
1. Full control of all Kyber Network operations.
2. Ownership and temporary control of the KyberDAO governance mechanism to implement governance changes.
3. All information related to the establishment, structure, operations, revenue, profits, expenses, assets, liabilities, investors, salaries, and other factors of Kyber.
4. Transfer of all on-chain and off-chain assets of Kyber, including stocks, ownership capital, tokens (both KNC and non-KNC), partner relationships, blogs, websites, servers, passwords, code, social media accounts, and any intellectual property assets of Kyber.
In exchange for complying with these demands, the hacker offered the following “benefits”:
1. The company would be reasonably valued.
2. All employees would receive double their current salaries. Employees who don’t wish to stay would receive 12 months’ salary as severance pay with full benefits and assistance in finding new employment.
3. Under new management, Kyber would undergo a complete transformation, no longer functioning as a DEX but becoming an entirely new crypto project.
4. Liquidity Providers (LPs) would receive a 50% refund for their recent market-making activities.
The deadline for the Kyber team to respond to this “agreement” proposed by the hacker is before December 10, 2023. After this deadline, the agreement will be canceled, and all funds from the hack will remain with the hacker, meaning the Kyber Network team will receive nothing.
Following the hacker’s ultimatum, Victor Tran, the CEO of Kyber Network, responded with a statement asserting, “No one cares about Kyber users as much as the current team.” He also promised a response to the hacker’s message on December 1, 2023, but as of now, there has been no further response from Victor Tran or the Kyber team.
It’s worth noting that KyberSwap, a decentralized exchange (DEX), suffered a hack on November 23, 2023, resulting in a loss of nearly $47 million. Following the attack, the exchange’s development team conducted an investigation and worked to resolve the issue. They also offered a bug bounty of 10% if the hacker returned the stolen funds. However, not receiving a response, KyberSwap continued to threaten the hacker with reporting the incident to law enforcement and cybersecurity agencies.
At present, it remains unclear how KyberSwap will address this situation, but recovering the funds without accepting the hacker’s terms presents a significant challenge. Furthermore, since Kyber did not register for an insurance program, they are not eligible for compensation following this incident. Sherlock, the DeFi insurance provider, also clarified that any potential compensation would be minimal compared to the current loss, adding even more pressure on the Kyber team.