Canadian Hacker Charged for $65M DeFi Theft and Extortion

• A 22-year-old Canadian hacker was charged with hacking DeFi protocols, stealing $65M, and attempting extortion to control KyberSwap and Indexed Finance.
• The hacker used smart contract exploits, manipulated token prices, and laundered funds through swaps, bridging transactions, and digital asset mixers.

Andean Medjedovic, a 22-year-old Canadian, is now facing federal court in Brooklyn after being charged with a variety of cybercrimes. He is suspected of stealing approximately $65 million in cryptocurrency from two DeFi protocols, KyberSwap and Indexed Finance. He also was accused of computer hacking, electronic fraud, attempted extortion, and money laundering.

Manipulation, Millions, and a Bold Demand: The KyberSwap Case

Not only was Medjedovic compromising standard security mechanisms, but he also applied a somewhat advanced smart contract exploitation method. He changed the price of digital assets by using flaws in the automated mechanism of the DeFi protocol.

How? Through digital token borrowing in hundreds of millions of dollars and manipulative trading, he created smart contracts that miscalculated crucial factors. He was able to remove significant sums of money from investors, therefore leaving basically worthless assets for them.

Besides, he tried to play further by extorting money after effectively using KyberSwap. Medjedovic presented to the KyberSwap development team a settlement offer. But this suggestion is more like a threat, as he requests complete control over KyberSwap and the decentralized autonomous company (DAO) running behind it.

He promises to return half of the digital assets he has pilfered in exchange. Indeed, he is seeking control over the system he just hacked, not hiding himself!

Laundering Millions: The Trick That Didn’t Work

Medjedovic did not cash them out straight away once he had them. Using swap transactions, bridging transactions, and digital asset mixers, he engaged in a sequence of transactions meant to launder the money. It didn’t end there; he also worked with other groups opening accounts on digital asset exchanges under aliases or fake identities.

Crypto thieves frequently apply this method to evade detection. In this sense, law enforcement finds it more challenging to monitor the money flow from the crime. Still, his actions did not help him to get out of the law.

Law Enforcement Closes In on the DeFi Hacker

Should Medjedovic be found guilty, he might have to pay harsh pinalties. The charge for computer hacking can have a ten-year maximum jail term. For every other crime, including computer fraud and money laundering, he could be sentenced to up to 20 years in jail per. Given his overall charges, behind bars his future seems hopeless.

Law enforcement, on the other hand, keeps handling this matter in cooperation with different foreign authorities. Supported by many other agencies, the investigation is being conducted by the IRS-CI, HSI, and the FBI from the New York field office.

Fake XRP Wallet Operator Exploits Growing Crypto Hype

Interestingly, the CNF reported a new scam involving a fictitious XRP wallet operator claiming to be US Treasury Department affiliated before Medjedovic’s case gained media attention. This scam ran parallel with growing crypto interest, particularly in the run-up to Trump’s inauguration.

Said to have ties to the Trump family, the scammers employed phony identities and transacted with other wallets bearing glamorous names like Bank of America and World Liberty Financial. Worse still, numerous gullible crypto influencers also pushed this program on the X social media platform.

Furthermore, you know… situations like these are somewhat common, particularly in view of the growing popularity of the crypto market. From smart contract exploitation as Medjedovic did, to fraud under the cover of investment leveraging well-known names, the methods differ.