Federal prosecutors in the United States have charged a Canadian national, Andean Medjedovic, with exploiting vulnerabilities in two decentralized finance (DeFi) protocols, resulting in the theft of millions in cryptocurrency.

Allegations and Charges

Medjedovic, a University of Waterloo mathematics graduate, has been indicted for wire fraud, computer hacking, attempted extortion, and money laundering in connection with the KyberSwap and Indexed Finance exploits. According to the charges, Medjedovic manipulated smart contracts on both platforms, using deceptive trades to trick automated systems into miscalculating key values.

Exploits and Losses

By exploiting these flaws, Medjedovic allegedly drained $48.8 million from KyberSwap in 2023 and swiped $16.5 million from Indexed Finance in 2021. Through his deceptive trades, Medjedovic managed to β€œwithdraw millions in investor funds at artificial prices,” leaving victims with effectively worthless investments.

Prosecutors added that Medjedovic meticulously planned the KyberSwap exploits over several months, maintaining a directory of files labeled with terms like β€œKYBER_KILL” and β€œtemplateexploit.” He created a β€œPOOL HIT LIST” to identify liquidity pools to target and timed the attack strategically.

Attempted Extortion and Money Laundering

After the attack, prosecutors say Medjedovic attempted to extort KyberSwap developers, investors, and DAO members by demanding control of the protocol in exchange for returning 50% of the stolen funds. At the same time, he was working to cover his tracks by laundering the stolen crypto through crypto mixers and blockchain bridges, shuffling the funds across multiple networks to obscure their origin.

Medjedovic also allegedly opened accounts at crypto exchanges using fake identities, attempting to liquidate his holdings without raising red flags. Furthermore, when one bridge protocol froze his transactions, Medjedovic allegedly paid an undercover law enforcement agent $85,000β€”believing they were a developer who could bypass the restrictions and unlock $500,000 of his frozen crypto.

Penalties and Pursuit

If convicted, Medjedovic faces significant penalties, including up to 20 years in prison for each count of wire fraud, attempted extortion, and money laundering, as well as 10 years for unauthorized damage to a protected computer.

Law enforcement agencies, including the Dutch National Police Cybercrime Unit and U.S. prosecutors, continue to pursue Medjedovic, who remains at large.

Tips for Protecting Your Crypto Investments:

  • Stay informed about potential vulnerabilities in DeFi protocols.
  • Use reputable and secure crypto exchanges and wallets.
  • Be cautious of suspicious transactions and activities.
  • Report any suspicious activity to law enforcement agencies.

For more news and updates on the cryptocurrency market, visit Global Crypto News.

Post Views: 1