A 22-year-old Canadian, Andean Medjedovic, was charged by US prosecutors on Monday for allegedly stealing $65 million from crypto protocols Indexed Finance and KyberSwap. Medjedovic has been a fugitive since 2021, following his exploits in the cryptocurrency world.
The young hacker confessed to exploiting approximately $16 million from DeFi protocol Indexed Finance in October 2021. Additionally, he was suspected of being the mastermind behind the November 2023 hack of KyberSwap, which resulted in losses of about $48 million for the protocol and its users. After the KyberSwap exploit, the hacker transferred around $2 million in crypto to a digital wallet that authorities believe is linked to Medjedovic.
Medjedovic is facing a total of five charges, including fraud, money laundering, and extortion. Despite multiple attempts to reach him for comment, he did not respond to inquiries on Monday. The 22-year-old, known for his proficiency in mathematics, has been evading law enforcement since the Indexed Finance incident in 2021.
The hacker claimed that his actions were legitimate, asserting that he was simply exploiting vulnerabilities in the protocols’ designs. However, his “code-is-law” defense was recently invalidated in a US federal court when rogue trader Avraham Eisenberg was convicted of defrauding Mango Markets using a similar technique.
In an interview with DL News in 2023, Medjedovic disclosed that his life on the run had taken him across Europe and Latin America before settling on an undisclosed island. Despite evading questions about the Indexed exploit, he defended his ethical hacking activities as a more sustainable lifestyle choice.
Months later, a sophisticated heist drained KyberSwap of $48 million, with a portion of the stolen funds traced back to Medjedovic. Prosecutors allege that he orchestrated the attack on KyberSwap, defrauding the platform and its stakeholders while attempting to launder the illicit proceeds using a crypto mixer.
Detailed documents found on Medjedovic’s digital devices outlined his money laundering strategies, with one note suggesting the purchase of a laptop for storing crypto and hacking tools. The indictment also revealed his attempt to move stolen funds from KyberSwap to Ethereum but was intercepted by developers.
In response to queries from the support team, Medjedovic threatened to involve authorities if his transaction was not approved, highlighting his skewed sense of ethics. Despite the potential arrest of Medjedovic, Indexed co-founder Laurence Day believes that restitution for the victims of the 2021 exploit may be challenging, as the stolen funds were further compromised due to subsequent hacks on the crypto wallet.
The ongoing saga involving Medjedovic underscores the risks and challenges faced by the cryptocurrency industry in combating cyber theft and fraud. As the case unfolds, the impact of his actions on the DeFi ecosystem and the broader crypto community remains to be seen.
Aleks Gilbert, DL News’ New York-based DeFi correspondent, covers the latest developments in the crypto world. For inquiries, he can be reached at aleks@dlnews.com.