A federal courtroom in New York unsealed on Feb. 3 a five-count prison indictment towards Andean Medjedovic for allegedly exploiting KyberSwap and Listed Finance to steal $65 million.
Medjedovic has not been apprehended by regulation authorities as of Feb. 3 and stays at massive.
In line with an announcement from the US Division of Justice, Medjedovic faces costs of wire fraud, unauthorized harm to a protected laptop, tried Hobbs Act extortion, cash laundering conspiracy, and cash laundering.
The cost of unauthorized harm to a protected laptop carries a most penalty of 10 years in jail, whereas the opposite counts carry a possible 20-year sentence.
Court docket paperwork state that Medjedovic allegedly exploited automated good contracts within the KyberSwap and Listed Finance protocols between 2021 and 2023. Medjedovic is accused of borrowing tokens value lots of of hundreds of thousands of {dollars} to control good contract calculations.
This technique allegedly allowed him to withdraw funds at synthetic costs, rendering traders’ holdings nugatory.
Authorities alleged that Medjedovic laundered the proceeds via swaps, bridging transactions, and crypto mixers. He’s additionally accused of conspiring with others to open accounts at crypto exchanges utilizing false and borrowed identities to obscure the funds’ origins.
The exploits
In November 2023, after executing the KyberSwap exploit and draining roughly $49 million, Medjedovic allegedly tried to extort the victims.
He proposed a settlement during which he would acquire management of the KyberSwap protocol and it’s governing decentralized autonomous group (DAO) in alternate for returning half of the stolen property.
In December 2023, KyberSwap dedicated to reimbursing affected customers, providing grants from its treasury equal to the greenback worth the consumer misplaced when the protocol’s liquidity swimming pools had been drained. This system grew to become efficient on Feb. 1, 2024, with KyberSwap saying that 1,371 customers had been refunded on Feb. 3, 2025.
The incident additionally affected the decentralized alternate aggregator, which minimize its workforce in half later that month.
Medjedovic can be the alleged perpetrator of Listed Finance’s exploit happening in 2021. Two of the protocol’s decentralized indexes had been exploited whereas rebalancing, leading to losses totaling $16 million.
Each protocols have but to recuperate their whole worth locked (TVL) on the protocols following the safety breaches.
