U.S. prosecutors have charged a 22-year-old Canadian man with stealing a mixed $65 million in crypto by means of two separate decentralized finance (DeFi) hacks — the 2021 Listed Finance exploit and the 2023 KyberSwap hack.
In a newly-unsealed indictment filed within the Japanese District of New York (EDNY), prosecutors say Andean “Andy” Medjedovic was the mastermind behind each exploits. Although Medjedovic’s alleged function within the KyberSwap exploit was beforehand unknown, he has publicly admitted to being the Listed Finance attacker, wiping $16 million from the DeFi platform when he was nonetheless a teen.
Learn extra: After Stealing $16M, This Teen Hacker Appears Intent on Testing ‘Code is Legislation’ within the Courts
Medjedovic did little to cover his identification because the Listed Finance hacker as a result of he professed to imagine he wasn’t really doing something unlawful. One other DeFi hacker, Avraham “Avi” Eisenberg, took an analogous “code is regulation” place after his 2022 Mango Markets exploit, claiming that siphoning $110 million from the decentralized alternate was truthful recreation. A New York jury disagreed, discovering Eisenberg responsible of fraud and market manipulation. He shall be sentenced later this yr, and faces as much as 20 years in jail.
Medjedovic has been on the run since December 2021, when a Canadian courtroom issued a warrant for his arrest. In 2023, he advised a DeFi Llama reporter that it was “exhausting” dwelling as a fugitive, saying that he had been bouncing round by means of Europe, South America and an unnamed island nation whereas on the lam. A spokesperson for the Japanese District of New York (EDNY) advised CoinDesk that Medjedovic stays “at giant” and isn’t believed to be within the U.S.
Eight months after telling the identical reporter that he was now a whitehat hacker, prosecutors say Medjedovic stole about $50 million from KyberSwap. In accordance with the indictment, Medjedovic deliberate the KyberSwap hack for months earlier than performing, writing to himself “Discover time to Strike!” and making a “POST-EXPLOITATION” plan for himself.
In a single file, Medjedovic allegedly mused on his previous errors, writing “Going On the run / Sure / Likelihood of getting caught Medjedovic has been charged with one rely of wire fraud, one rely of unauthorized harm to a protected pc, one rely of tried Hobbs Act extortion, one rely of cash laundering conspiracy and one rely of cash laundering. He faces a most penalty of 90 years in jail.
