TLDR
- Canadian hacker Andean Medjedovic, 22, charged with stealing $65 million through exploits of Kyberswap ($50M) and Indexed Finance ($16M) DeFi platforms
- Five-count indictment includes wire fraud, computer damage, extortion, and money laundering charges, facing up to 90 years in prison
- Medjedovic has been a fugitive since 2021, reportedly traveling through Europe, South America, and an island nation
- After the Kyberswap hack, he attempted to extort developers by offering to return half the stolen assets in exchange for platform control
- Despite claiming to become a whitehat hacker in 2023, he allegedly planned and executed the Kyberswap exploit months later
The U.S. Department of Justice has unsealed a five-count criminal indictment against 22-year-old Canadian citizen Andean “Andy” Medjedovic for allegedly stealing $65 million through exploits of two decentralized finance platforms, Kyberswap and Indexed Finance.
According to court documents filed in the Eastern District of New York, Medjedovic manipulated smart contracts on both platforms between 2021 and 2023. The attacks resulted in the theft of approximately $16 million from Indexed Finance and $50 million from Kyberswap.
The charges against Medjedovic include wire fraud, unauthorized damage to a protected computer, attempted Hobbs Act extortion, money laundering conspiracy, and money laundering. If convicted, he faces up to 90 years in prison, with individual counts carrying maximum sentences ranging from 10 to 20 years.
Prosecutors allege that Medjedovic used deceptive trading tactics to trick the protocols into calculating incorrect financial variables. This manipulation allowed him to withdraw large amounts of cryptocurrency at artificially generated prices, causing major losses for investors on both platforms.
The investigation revealed that Medjedovic allegedly spent months planning the Kyberswap attack. Evidence includes written notes to himself, with one reading “Find time to Strike!” and another outlining a “POST-EXPLOITATION” plan. In another recovered file, he wrote about his risk assessment, noting “Going On the run / Yes / Chance of getting caught<Payoff for not getting caught / (NA) / Risk is typically underpriced in modern world.”
Following the Kyberswap exploit in November 2023, authorities say Medjedovic attempted to extort the protocol’s developers. He offered to return only half of the stolen digital assets in exchange for full control of the Kyberswap platform and its governing decentralized autonomous organization (DAO).
Unlike many cryptocurrency thieves who maintain anonymity, Medjedovic publicly admitted to being the Indexed Finance attacker, which he carried out as a teenager. He maintained that his actions were not illegal, taking a “code is law” position similar to another DeFi hacker, Avraham Eisenberg, who was later convicted of fraud for his $110 million Mango Markets exploit.
Medjedovic has been evading authorities since December 2021, when a Canadian court issued a warrant for his arrest. In a 2023 interview with a DeFi Llama reporter, he described life as a fugitive as “exhausting” and revealed he had been moving between locations in Europe, South America, and an unnamed island nation.
The case has involved international cooperation, with assistance from the Netherlands’ Public Prosecution Service and Cybercrime Unit, as well as U.S. Customs and Border Protection. According to a spokesperson for the Eastern District of New York, Medjedovic remains at large and is not believed to be in the United States.
U.S. Attorney John J. Durham emphasized the sophisticated nature of the attacks, stating, “The defendant executed a highly sophisticated scheme to exploit two decentralized finance protocols and steal tens of millions of dollars’ worth of cryptocurrency from investors.”
After the initial Indexed Finance exploit, Medjedovic told reporters he had become a whitehat hacker, suggesting he would use his skills to help protect platforms rather than exploit them. However, prosecutors allege that just eight months after making this claim, he carried out the larger $50 million theft from Kyberswap.
To hide the stolen funds, prosecutors say Medjedovic employed a complex laundering operation. This included using digital asset swaps, “bridging transactions” between different blockchain networks, and cryptocurrency “mixers” designed to obscure the source and ownership of the funds.
The indictment represents another example of U.S. authorities pursuing charges against cryptocurrency-related crimes, even when the suspects operate internationally. Federal officials have repeatedly stated their commitment to prosecuting financial crimes involving emerging technologies.
Currently, law enforcement agencies continue their efforts to locate and apprehend Medjedovic. A spokesperson for the Eastern District of New York confirmed that he remains a fugitive from justice.
The post Canadian Hacker Charged in $65M Cryptocurrency Platform Thefts appeared first on Blockonomi.