KyberSwap Exploiter Linked to $50M HXA Token Movement

The KyberSwap exploiter has been linked to a movement of $50 million in HAXcoin (HXA), the native utility token of the Herencia Artifex nonfungible token project. Cyvers, a blockchain security firm, detected this movement and discovered that the acquired funds were spread across various externally owned accounts, which are now recognized as the top HXA tokenholders. The exploit occurred when the KyberSwap exploiter’s address received these tokens from an Ethereum address using the “transfer from function.” Cyvers suggests that this security breach may be related to a potential flaw in the Multicall function, a part of the thirdweb libraries utilized in the HXA token’s smart contract. While cryptocurrency exchange MEXC has temporarily halted HXA token withdrawals and deposits, the halt is not directly linked to security concerns about the hack. This article provides an overview of the situation and encourages interested parties to participate in the investigation to better understand the scope and consequences of the exploit.

▶ [Kucoin] Transaction fee 0% discount CODE◀

Background

Recently, there have been significant developments surrounding the KyberSwap exploiter and the movement of $50 million in HXA tokens. Cyvers, a blockchain security firm, first detected this movement and raised concerns regarding the potential security breach. The exploiter’s address was found to have acquired the tokens using the ‘transfer from’ function, which is commonly used in decentralized applications. This function allows one party to transfer tokens from the balance of another party to a third-party address. However, vulnerabilities or improper use of this function can lead to security risks.

The security breach is believed to be related to a flaw in the Multicall function, which is part of the thirdweb libraries utilized in the HXA token’s smart contract. Cyvers has identified this potential flaw and has called for interested parties to participate in the investigation. The goal is to comprehensively understand the scope and consequences of the exploit.

As a result of the security concerns, the cryptocurrency exchange MEXC has temporarily put a halt on HXA token withdrawals and deposits. It is worth noting that this halt is not directly linked to the security worries about the hack. Instead, it is due to abnormal on-chain operations of the HXA token.

Furthermore, the official website of HXAcoin, hxacoin.io, is currently inaccessible. This has left investors and stakeholders locked out of official information and updates, adding to the overall impact of the exploit.

▶ [Kucoin] Transaction fee 0% discount CODE◀

Investigation Findings

Cyvers’ investigation has provided valuable insights into the exploit. They have identified a potential flaw in the Multicall function, shedding light on the specific vulnerability that allowed the KyberSwap exploiter to acquire the HXA tokens. To ensure a thorough investigation, Cyvers has encouraged interested parties to participate and contribute their expertise. By doing so, the aim is to gain a comprehensive understanding of the exploit’s scope and the potential consequences for the affected parties.

Impact on HXA Tokenholders

The KyberSwap exploiter’s acquired funds have been spread across various externally owned accounts, which have now been recognized as the top HXA tokenholders. This means that individuals who were previously not associated with the exploit have now been linked to the acquired funds. This has significant implications for the affected tokenholders and adds another layer of complexity to the situation.

MEXC Exchange Response

In response to the exploit, the cryptocurrency exchange MEXC has temporarily halted HXA token withdrawals and deposits. However, it is important to note that this halt is not directly tied to security concerns surrounding the hack. Instead, it is due to the abnormal on-chain operation of the HXA token. MEXC is taking necessary precautions to ensure the safety of its users and the integrity of its platform.

Inaccessibility of HXAcoin Website

The inaccessibility of the official website of HXAcoin, hxacoin.io, has created additional challenges for investors and stakeholders. They are currently locked out of official information and updates, which hinders their ability to make informed decisions about their investments. The lack of access to the website further complicates the situation and increases the overall impact of the exploit.

Previous KyberSwap Hack

It is important to note that this recent exploit is not the first security incident involving KyberSwap. In a previous incident, hackers were able to drain $46 million in cryptocurrencies from the decentralized exchange. The connection between the previous hack and the current exploit raises concerns about the security measures in place and highlights the need for improved security protocols.

Overall Impact on Cryptocurrency Community

The exploitation of KyberSwap and the subsequent movement of $50 million in HXA tokens has raised increasing concerns within the cryptocurrency community regarding blockchain security. This incident serves as a stark reminder of the potential vulnerabilities that exist within decentralized finance (DeFi) platforms. As the DeFi ecosystem continues to grow, there is an urgent need for heightened security measures to safeguard user funds and maintain trust in the industry.

Response from KyberSwap

In response to the exploit, KyberSwap has announced treasury grants for the victims of the hack. This demonstrates their commitment to helping those affected recover their losses. Additionally, KyberSwap has taken steps to prevent future exploits by evaluating and strengthening their security protocols. By learning from this incident, KyberSwap aims to enhance the safety of its platform and protect its users from further security breaches.

Recovery of Stolen Funds

Efforts are being made to recover the $50 million in stolen HXA tokens. However, the recovery process faces significant challenges and obstacles. Recovering stolen funds in the cryptocurrency space is notoriously difficult due to the pseudo-anonymous nature of blockchain transactions. Tracking and tracing the movement of funds requires close collaboration among security firms, exchanges, and blockchain developers. It is a complex undertaking that requires expertise and coordination.

Future Steps and Recommendations

To prevent future exploits, it is crucial to enhance security protocols for decentralized exchanges like KyberSwap. This can be achieved through close collaboration between security firms, exchanges, and blockchain developers. Sharing knowledge and expertise will enable the industry to stay one step ahead of potential threats. Additionally, educating users on best practices to prevent exploits is essential. By informing users about the risks and providing guidance on how to protect their assets, we can collectively work towards a safer and more secure cryptocurrency ecosystem.

In conclusion, the KyberSwap exploit and the movement of $50 million in HXA tokens have highlighted the importance of blockchain security. The impact on HXA tokenholders, the response from exchanges like MEXC, and the inaccessibility of the HXAcoin website all contribute to the complexity of the situation. As the cryptocurrency community grapples with the implications of this exploit, it is crucial to learn from these events and take proactive measures to enhance security and protect user funds. Only through collaboration and education can we strive for a more secure and resilient cryptocurrency ecosystem.

▶ [Kucoin] Transaction fee 0% discount CODE◀