Canadian charged in two crypto platform thefts totaling $65 million

Avatar

A Canadian man has been charged by U.S. federal prosecutors for allegedly hacking into two popular crypto platforms and stealing nearly $65 million. 

The Justice Department unsealed a five-count indictment on Monday accusing 22-year-old Andean Medjedovic of the two hacks, which targeted KyberSwap and Indexed Finance. The department did not say if Medjedovic is in custody or where he may be located. 

Medjedovic is accused of exploiting vulnerabilities in both platforms to steal the funds between 2021 and 2023. Prosecutors said he borrowed hundreds of millions of dollars in digital coins, which allowed him to overwhelm the platforms’ systems. 

“Through his deceptive trades, Medjedovic was able to, and ultimately did, withdraw millions of dollars of investor funds from the protocols at artificial prices, rendering the victims’ investments essentially worthless,” the Justice Department said on Monday. 

The indictment, filed in a federal district court in Brooklyn, says that based on the prices at the time of the incidents, Medjedovic stole $16.5 million from Indexed Finance in October 2021 and $48.4 million from KyberSwap in November 2023. 

Medjedovic was able to launder the stolen funds through several other transactions and mixer services, prosecutors said. He allegedly used fake or stolen identities to open accounts on other cryptocurrency exchanges in order to conceal the source of the funds. 

The indictment includes messages Medjedovic sent after the attack on Indexed Finance where he told a friend, “I did something very cool but accidentally doxxed myself in the process. I may be on the run forever now… Need some advice about becoming a pirate.”

He even spoke to a reporter after the Indexed Finance attack, pledging to commit more thefts in the future. 

KyberSwap previously said $54.7 million was stolen from the platform in November 2023, explaining that someone “used “a series of complex actions to conduct exploitative swaps, enabling the withdrawal of users’ funds into the attackers’ wallets.”

The indictment alleges that Medjedovic spent months planning the KyberSwap incident, carefully pinpointing the best time to launch an attack. Prosecutors said they found files on his computer showing he planned to buy flights out of Canada with the intention of living life on the run.

His plan was foiled when he began communicating with an undercover agent about trying to launder more of the funds stolen from both platforms, prosecutors said. In February 2024, Medjedovic allegedly paid the undercover officer about $86,559 to help get the funds off of platforms where he had been blacklisted for his role in the attack on KyberSwap. 

After the attack on KyberSwap in November 2023, Medjedovic tried to extort the platform’s administrators, offering a settlement of half of the stolen funds in exchange for “complete control of the KyberSwap protocol and the decentralized autonomous organization that oversaw the KyberSwap protocol in exchange” the Justice Department said.

Medjedovic is facing charges related to wire fraud, extortion, hacking, money laundering and more. He is facing decades in prison if convicted, with one charge carrying a maximum 10-year sentence and the other four carrying sentences as long as 20 years. 

The indictment mentions an unnamed co-conspirator who is a relative of Medjedovic and helped him launder the funds after coordinating with him. 

The FBI and Department of Homeland Security worked alongside the SEC and IRS as well as the Netherlands’ Public Prosecution Service and Cybercrime Unit — the Hague of the Dutch National Police.

CybercrimeGovernmentNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Mississippi electric utility warns 20,000 residents of data breach

Next Post

Woman nabbed by Thai police on alleged link to $182 million romance scam

Related Posts

TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025

Popular video-sharing social network TikTok has officially gone dark in the United States, as a federal ban on the app comes into effect on January 19, 2025. "We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable," the company said in a pop-up message. "We're working to restore our service in the U.S. as soon as possible
Avatar
Read More

SafeWallet Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist

SafeWallet has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a "highly sophisticated, state-sponsored attack," stating the North Korean threat actors behind the hack took steps to erase traces of the malicious activity in an effort to hamper investigation efforts. The multi-signature (multisig) platform, which has roped in Google Cloud Mandiant to
Avatar
Read More