A federal court docket in New York unsealed on Feb. 3 a five-count prison indictment in opposition to Andean Medjedovic for allegedly exploiting KyberSwap and Listed Finance to steal $65 million.
Medjedovic has not been apprehended by regulation authorities as of Feb. 3 and stays at giant.
In accordance with an announcement from the US Division of Justice, Medjedovic faces expenses of wire fraud, unauthorized injury to a protected pc, tried Hobbs Act extortion, cash laundering conspiracy, and cash laundering.
The cost of unauthorized injury to a protected pc carries a most penalty of 10 years in jail, whereas the opposite counts carry a possible 20-year sentence.
Court docket paperwork state that Medjedovic allegedly exploited automated sensible contracts within the KyberSwap and Listed Finance protocols between 2021 and 2023. Medjedovic is accused of borrowing tokens value lots of of tens of millions of {dollars} to govern sensible contract calculations.
This technique allegedly allowed him to withdraw funds at synthetic costs, rendering buyers’ holdings nugatory.
Authorities alleged that Medjedovic laundered the proceeds by swaps, bridging transactions, and crypto mixers. He’s additionally accused of conspiring with others to open accounts at crypto exchanges utilizing false and borrowed identities to obscure the funds’ origins.
The exploits
In November 2023, after executing the KyberSwap exploit and draining roughly $49 million, Medjedovic allegedly tried to extort the victims.
He proposed a settlement wherein he would acquire management of the KyberSwap protocol and it’s governing decentralized autonomous group (DAO) in change for returning half of the stolen property.
In December 2023, KyberSwap dedicated to reimbursing affected customers, providing grants from its treasury equal to the greenback worth the person misplaced when the protocol’s liquidity swimming pools have been drained. This system grew to become efficient on Feb. 1, 2024, with KyberSwap asserting that 1,371 customers have been refunded on Feb. 3, 2025.
The incident additionally affected the decentralized change aggregator, which lower its workforce in half later that month.
Medjedovic can be the alleged perpetrator of Listed Finance’s exploit happening in 2021. Two of the protocol’s decentralized indexes have been exploited whereas rebalancing, leading to losses totaling $16 million.
Each protocols have but to recuperate their whole worth locked (TVL) on the protocols following the safety breaches.
