A Canadian national, Andean Medjedovic, has been indicted for allegedly exploiting vulnerabilities in two decentralized finance (DeFi) protocols—KyberSwap and Indexed Finance—to steal approximately $65 million in cryptocurrency. 

The US Attorney’s Office for the Eastern District of New York unsealed the indictment on February 3, 2025, charging Medjedovic with wire fraud, computer hacking, attempted extortion, and money laundering. Authorities say he remains at large.

Medjedovic allegedly executed a highly complex trading scheme by manipulating the automated smart contracts that govern liquidity pools within DeFi platforms. These liquidity pools rely on investor-contributed cryptocurrency to facilitate decentralized trading.

According to prosecutors, Medjedovic exploited flaws in KyberSwap’s and Indexed Finance’s smart contract code, allowing him to manipulate trading prices and extract millions in investor funds. His tactics included borrowing large sums of cryptocurrency, distorting automated pricing mechanisms, and executing manipulative trades that triggered contract vulnerabilities.‍

KyberSwap Hack – $48.8 Million Stolen

In November 2023, Medjedovic allegedly manipulated 77 KyberSwap liquidity pools across multiple blockchains, including Ethereum and Arbitrum, using hundreds of millions of dollars in borrowed crypto. By artificially adjusting pricing models, he drained $48.8 million from investor funds.

After the attack, authorities claim Medjedovic attempted to extort the developers and investors of KyberSwap. He allegedly demanded control over KyberSwap’s decentralized autonomous organization (DAO) in exchange for returning half of the stolen assets.

Medjedovic’s first known exploit targeted Indexed Finance in October 2021. Using a similar strategy, he manipulated the platform’s "re-indexing" mechanism, which adjusts token balances in liquidity pools. By artificially inflating values, he withdrew $16.5 million in crypto from Indexed Finance.

Prosecutors allege that, following the Indexed Finance exploit, Medjedovic conspired to launder his stolen assets using crypto exchanges and “mixers”—services designed to obscure the origin of digital funds.‍

Federal Crackdown on Crypto Crime

The US government has intensified efforts to police cybercrime within the DeFi ecosystem, a largely unregulated sector of the cryptocurrency industry. John J. Durham, U.S. Attorney for the Eastern District of New York, stated, “As alleged, the defendant executed a highly sophisticated scheme to exploit two DeFi protocols and steal tens of millions of dollars from investors. Criminals who manipulate emerging technologies for financial gain will be held accountable.”

Authorities also credited the IRS-Criminal Investigation (IRS-CI), the FBI, and Homeland Security Investigations (HSI) for their role in the case. IRS-CI’s cybercrime unit collaborated with Europol and international partners to track the stolen funds.

IRS-CI Special Agent Harry T. Chavis Jr. added, “Even with the complexities of DeFi, we tracked down who is responsible for this large-scale theft, and he is now a wanted man.”