Canadian charged in two crypto platform thefts totaling $65 million

A Canadian man has been charged by U.S. federal prosecutors for allegedly hacking into two popular crypto platforms and stealing nearly $65 million. 

The Justice Department unsealed a five-count indictment on Monday accusing 22-year-old Andean Medjedovic of the two hacks, which targeted KyberSwap and Indexed Finance. The department did not say if Medjedovic is in custody or where he may be located. 

Medjedovic is accused of exploiting vulnerabilities in both platforms to steal the funds between 2021 and 2023. Prosecutors said he borrowed hundreds of millions of dollars in digital coins, which allowed him to overwhelm the platforms’ systems. 

“Through his deceptive trades, Medjedovic was able to, and ultimately did, withdraw millions of dollars of investor funds from the protocols at artificial prices, rendering the victims’ investments essentially worthless,” the Justice Department said on Monday. 

The indictment, filed in a federal district court in Brooklyn, says that based on the prices at the time of the incidents, Medjedovic stole $16.5 million from Indexed Finance in October 2021 and $48.4 million from KyberSwap in November 2023. 

Medjedovic was able to launder the stolen funds through several other transactions and mixer services, prosecutors said. He allegedly used fake or stolen identities to open accounts on other cryptocurrency exchanges in order to conceal the source of the funds. 

The indictment includes messages Medjedovic sent after the attack on Indexed Finance where he told a friend, “I did something very cool but accidentally doxxed myself in the process. I may be on the run forever now… Need some advice about becoming a pirate.”

He even spoke to a reporter after the Indexed Finance attack, pledging to commit more thefts in the future. 

KyberSwap previously said $54.7 million was stolen from the platform in November 2023, explaining that someone “used “a series of complex actions to conduct exploitative swaps, enabling the withdrawal of users’ funds into the attackers’ wallets.”

The indictment alleges that Medjedovic spent months planning the KyberSwap incident, carefully pinpointing the best time to launch an attack. Prosecutors said they found files on his computer showing he planned to buy flights out of Canada with the intention of living life on the run.

His plan was foiled when he began communicating with an undercover agent about trying to launder more of the funds stolen from both platforms, prosecutors said. In February 2024, Medjedovic allegedly paid the undercover officer about $86,559 to help get the funds off of platforms where he had been blacklisted for his role in the attack on KyberSwap. 

After the attack on KyberSwap in November 2023, Medjedovic tried to extort the platform’s administrators, offering a settlement of half of the stolen funds in exchange for “complete control of the KyberSwap protocol and the decentralized autonomous organization that oversaw the KyberSwap protocol in exchange” the Justice Department said.

Medjedovic is facing charges related to wire fraud, extortion, hacking, money laundering and more. He is facing decades in prison if convicted, with one charge carrying a maximum 10-year sentence and the other four carrying sentences as long as 20 years. 

The indictment mentions an unnamed co-conspirator who is a relative of Medjedovic and helped him launder the funds after coordinating with him. 

The FBI and Department of Homeland Security worked alongside the SEC and IRS as well as the Netherlands’ Public Prosecution Service and Cybercrime Unit — the Hague of the Dutch National Police.