A federal court docket in New York unsealed on Feb. 3 a five-count prison indictment in opposition to Andean Medjedovic for allegedly exploiting KyberSwap and Listed Finance to steal $65 million.
Medjedovic has not been apprehended by regulation authorities as of Feb. 3 and stays at giant.
In keeping with a press release from the US Division of Justice, Medjedovic faces fees of wire fraud, unauthorized harm to a protected pc, tried Hobbs Act extortion, cash laundering conspiracy, and cash laundering.
The cost of unauthorized harm to a protected pc carries a most penalty of 10 years in jail, whereas the opposite counts carry a possible 20-year sentence.
Court docket paperwork state that Medjedovic allegedly exploited automated sensible contracts within the KyberSwap and Listed Finance protocols between 2021 and 2023. Medjedovic is accused of borrowing tokens value a whole lot of thousands and thousands of {dollars} to govern sensible contract calculations.
This technique allegedly allowed him to withdraw funds at synthetic costs, rendering traders’ holdings nugatory.
Authorities alleged that Medjedovic laundered the proceeds by means of swaps, bridging transactions, and crypto mixers. He’s additionally accused of conspiring with others to open accounts at crypto exchanges utilizing false and borrowed identities to obscure the funds’ origins.
The exploits
In November 2023, after executing the KyberSwap exploit and draining roughly $49 million, Medjedovic allegedly tried to extort the victims.
He proposed a settlement wherein he would acquire management of the KyberSwap protocol and it’s governing decentralized autonomous group (DAO) in trade for returning half of the stolen property.
In December 2023, KyberSwap dedicated to reimbursing affected customers, providing grants from its treasury equal to the greenback worth the consumer misplaced when the protocol’s liquidity swimming pools have been drained. This system grew to become efficient on Feb. 1, 2024, with KyberSwap asserting that 1,371 customers have been refunded on Feb. 3, 2025.
The incident additionally affected the decentralized trade aggregator, which lower its workforce in half later that month.
Medjedovic can be the alleged perpetrator of Listed Finance’s exploit happening in 2021. Two of the protocol’s decentralized indexes have been exploited whereas rebalancing, leading to losses totaling $16 million.
Each protocols have but to get better their complete worth locked (TVL) on the protocols following the safety breaches.
