KyberSwap exploiter linked to $50M HXA token movement

Blockchain security firm Cyvers detected a movement of $50 million in HXA tokens, the native utility token of the Herencia Artifex NFT project, linked to the KyberSwap exploiter. 

The KyberSwap exploiter’s address got these tokens from an Ethereum address using the “transfer from function.”

Decentralized application (DApp) users commonly use the “transfer from” function. It refers to a mechanism by which one party (sender) can transfer or send tokens from the balance of another party (owner) to a third-party address. However, improper use or vulnerabilities in implementing such functions can lead to security concerns.

Cyvers says the security breach is related to a potential flaw in the Multicall function, which is part of the Thirdweb libraries utilized in the HXA token’s smart contract. It has proposed this idea in its report and encourages interested parties to participate in the investigation to understand the exploit’s scope and consequences comprehensively.

The Cyvers team said that the KyberSwap exploiter’s acquired funds were spread across various externally owned accounts (EOAs), now recognized as the top HXA token holders.

Cryptocurrency exchange MEXC has temporarily halted HXA token withdrawals and deposits. However, the halt is not directly tied to security worries about the hack, but rather the abnormal on-chain operation of HXA, according to the exchange.

Related: KyberSwap announces treasury grants for hack victims

In yet another twist to the tale, the official website of the HXA coin, hxacoin.io, is currently inaccessible, leaving investors and stakeholders locked out of official information and updates. No explanation for the w

Hackers drained about $46 million in crypto assets from the decentralized KyberSwap exchange last month.

Magazine: Blockchain detectives: Mt. Gox collapse saw birth of Chainalysis