Kyber Network, a well-known decentralized finance protocol, has issued a warning to users with funds deposited in its Elastic platform, citing a potential security vulnerability. In response to the identified vulnerability, Kyber Network has urged its users to withdraw their funds as a precautionary measure. The project maintains that investigations are ongoing, and no user funds have been lost thus far.
“We have identified a potential vulnerability and strongly advise all Liquidity Providers to withdraw your funds on Elastic as soon as possible. Investigations are ongoing, and no user funds are lost,” the Kyber team stated in their tweet
Elastic Locked Value Drops
Elastic, a decentralized exchange platform by Kyber, enables users to swap tokens and allows liquidity providers to deposit tokens and earn yields on their deposits. Currently, the platform has temporarily halted users from adding liquidity and will provide updates on the situation when KyberSwap Elastic is re-enabled. However, other exchange products like the KyberSwap Classic remain unaffected.
Following the announcement, the total value locked in the Elastic platform fell from $105 million to nearly $52 million, as reported by DefiLlama.
Kyber is not the only recent victim of cyber attacks. Decentralized finance (DeFi) lending protocol Euler Finance suffered an exploit last month, resulting in a loss of nearly $200 million. The losses transpired over four transactions involving dai (DAI), wrapped Bitcoin (WBTC), staked ether (sETH), and USDC, as per smart contract auditor BlockSec. The attacker employed a flash loan to execute the attack.
The attacker obtained over $30 million worth of dai stablecoin through flash loans from DeFi protocols Balancer and Aave. Of this amount, $20 million was sent to Euler, where the attacker received $19.5 million worth of eDAI.
The attacker then borrowed 10 times the deposited amount from Euler, acquiring 195.6 million eDAI and 200 million dDAI. By repaying part of the initial debt using the remaining funds, the attacker deceived the protocol into falsely believing it owed more to depositors than it held.
