A federal courtroom in New York unsealed on Feb. 3 a five-count legal indictment in opposition to Andean Medjedovic for allegedly exploiting KyberSwap and Listed Finance to steal $65 million.
Medjedovic has not been apprehended by regulation authorities as of Feb. 3 and stays at massive.
In response to an announcement from the US Division of Justice, Medjedovic faces prices of wire fraud, unauthorized harm to a protected pc, tried Hobbs Act extortion, cash laundering conspiracy, and cash laundering.
The cost of unauthorized harm to a protected pc carries a most penalty of 10 years in jail, whereas the opposite counts carry a possible 20-year sentence.
Court docket paperwork state that Medjedovic allegedly exploited automated sensible contracts within the KyberSwap and Listed Finance protocols between 2021 and 2023. Medjedovic is accused of borrowing tokens value a whole lot of hundreds of thousands of {dollars} to control sensible contract calculations.
This technique allegedly allowed him to withdraw funds at synthetic costs, rendering traders’ holdings nugatory.
Authorities alleged that Medjedovic laundered the proceeds via swaps, bridging transactions, and crypto mixers. He’s additionally accused of conspiring with others to open accounts at crypto exchanges utilizing false and borrowed identities to obscure the funds’ origins.
The exploits
In November 2023, after executing the KyberSwap exploit and draining roughly $49 million, Medjedovic allegedly tried to extort the victims.
He proposed a settlement during which he would achieve management of the KyberSwap protocol and it’s governing decentralized autonomous group (DAO) in change for returning half of the stolen belongings.
In December 2023, KyberSwap dedicated to reimbursing affected customers, providing grants from its treasury equal to the greenback worth the consumer misplaced when the protocol’s liquidity swimming pools have been drained. This system grew to become efficient on Feb. 1, 2024, with KyberSwap asserting that 1,371 customers have been refunded on Feb. 3, 2025.
The incident additionally affected the decentralized change aggregator, which lower its workforce in half later that month.
Medjedovic can also be the alleged perpetrator of Listed Finance’s exploit going down in 2021. Two of the protocol’s decentralized indexes have been exploited whereas rebalancing, leading to losses totaling $16 million.
Each protocols have but to recuperate their whole worth locked (TVL) on the protocols following the safety breaches.
