A Canadian man has been indicted for allegedly exploiting vulnerabilities in two decentralized finance protocols to fraudulently obtain approximately $65 million from investors, including those in the U.S.
The indictment charges 22-year-old Andean Medjedovic with manipulating the smart contracts of decentralized exchange aggregators KyberSwap and Indexed Finance between 2021 and 2023, withdrawing investor funds at artificial prices and rendering their investments worthless.
Despite the indictment, Medjedovic remains at large. Law enforcement agencies are actively pursuing his whereabouts, with support from the Netherlands’ Public Prosecution Service and the Dutch National Police Cybercrime Unit in The Hague.
Medjedovic is facing five charges, including one count of wire fraud, one count of unauthorized damage to a protected computer, one count of attempted Hobbs Act extortion (refers to the use of force, threats, or fear to unlawfully obtain property), and two counts of money laundering, the U.S. Department of Justice announced Monday.
“If convicted, he faces a maximum penalty of 10 years in prison on the unauthorized damage to a protected computer count and 20 years in prison on each of the other counts,” the department said.
The man allegedly borrowed hundreds of millions of dollars in digital tokens and engaged in a series of deceptive trades that tricked the automated smart contracts into miscalculating key financial variables, according to the indictment.
The indictment details how he allegedly used swap transactions to exchange the stolen tokens for other digital assets, conducted bridging transactions to move funds across different blockchains and relied on digital asset mixers to obscure the true flow of money.
Prosecutors also allege that Medjedovic and his associates opened accounts at various crypto exchanges using false and borrowed identities to further cover their tracks.
Following the Indexed Finance hack, he allegedly conspired with another person to launder the proceeds through exchange accounts opened using false KYC (Know Your Customer) information.
The indictment reveals Medjedovic maintained a detailed step-by-step playbook for obfuscating transactions, which he titled a “moneyMovementSystem”.
At one point, after one bridge protocol froze several of his transactions, Medjedovic allegedly paid an undercover law enforcement agent—who posed as a software developer—$80,000 to bypass restrictions and unlock $500,000 in stolen crypto.
In November 2023, Medjedovic allegedly executed an exploit targeting KyberSwap, a DeFi protocol operating on Ethereum, Arbitrum, and other blockchains.
By forcing the protocol’s liquidity pools to “glitch,” in his words, Medjedovic was able to drain $48.8 million in investor funds across 77 KyberSwap liquidity pools.
Following the exploit, Medjedovic allegedly attempted to extort KyberSwap developers, investors, and members of its decentralized autonomous organization (DAO) through a “sham settlement proposal.”
The indictment comes as global law enforcement continues cracking down on cyber-enabled financial crimes. In a separate case, Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) division arrested a man from West Bengal in connection with a $235 million cyberattack on India’s largest crypto exchange, WazirX.
Edited by Sebastian Sinclair
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
