Sunday, May 4, 2025
HomecryptocurrencyCanadian National Charged with Stealing $65 Million in Crypto

Canadian National Charged with Stealing $65 Million in Crypto

Published on

SIEM as a Service

Follow Us on Google News

A Canadian man has been charged with exploiting decentralized finance (DeFi) protocols to steal approximately $65 million from unsuspecting investors.

 A five-count criminal indictment, unsealed today in a federal court in New York, accuses 22-year-old Andean Medjedovic of targeting vulnerabilities in automated smart contracts used by two prominent DeFi platforms: KyberSwap and Indexed Finance.

Alleged Exploits and Fraudulent Activity

According to court documents, Medjedovic’s scheme carried out between 2021 and 2023, involved borrowing hundreds of millions in digital tokens and leveraging deceptive trading strategies.

- Advertisement - Google News

These trades manipulated the smart contracts’ algorithms, causing them to miscalculate crucial variables and enabling Medjedovic to withdraw investor funds at artificially inflated prices. The resulting losses rendered many of the victims’ investments worthless.

In addition to the alleged theft, Medjedovic is accused of laundering the stolen funds through complex transactions to obscure their origins.

These efforts reportedly included swap transactions, bridging assets across multiple blockchains, and using a cryptocurrency “mixer” to anonymize the stolen funds. Prosecutors also allege that Medjedovic opened exchange accounts under false identities to further disguise his activities.

Extortion Attempt

In November 2023, Medjedovic allegedly escalated his fraudulent activity with an extortion attempt.

Following the exploit of KyberSwap, he proposed a fraudulent settlement, demanding full control of the KyberSwap protocol and its decentralized autonomous organization (DAO) as a condition to return half of the stolen assets.

Medjedovic faces five federal charges, including:

  • Wire fraud
  • Unauthorized damage to a protected computer
  • Attempted Hobbs Act extortion
  • Money laundering conspiracy
  • Money laundering

Each charge carries severe penalties, with up to 20 years in prison for the most serious counts and 10 years for unauthorized computer damage. A federal district court judge will ultimately determine Medjedovic’s sentence, considering the U.S. Sentencing Guidelines.

The case was investigated by the IRS Criminal Investigation (IRS-CI), Homeland Security Investigations (HSI), the FBI, and U.S. Customs and Border Protection, with support from international partners, including the Netherlands’ Public Prosecution Service and Dutch Cybercrime Unit.

“This case underscores the Justice Department’s commitment to holding individuals accountable, no matter how sophisticated their schemes,” said Antoinette T. Bacon, Supervisory Official at the DOJ’s Criminal Division.

Assistant U.S. Attorneys Nicholas Axelrod and Andrew Reich, along with the DOJ’s National Cryptocurrency Enforcement Team (NCET), are leading the prosecution.

While the charges are serious, it is important to note that an indictment is merely an allegation. Medjedovic is presumed innocent until proven guilty in a court of law.

The case highlights the risks associated with DeFi platforms and the ongoing efforts of law enforcement to combat cryptocurrency-related crimes.

Investors are reminded to exercise caution in navigating the complex and evolving crypto landscape.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting...

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the...

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool...

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting...

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the...

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool...