The Legal Pursuit of Andean Medjedovic

Introduction

On February 3, 2025, the U.S. Department of Justice (DOJ) unsealed a five-count indictment against Andean Medjedovic, a 22-year-old Canadian national, for orchestrating two major decentralized finance (DeFi) hacks—Indexed Finance (2021) and KyberSwap (2023). Medjedovic allegedly exploited smart contract vulnerabilities and engaged in deceptive trading practices to siphon approximately $65 million in digital assets. His case has reignited debates on DeFi regulation, security, and ethical accountability, questioning whether "code is law" absolves exploiters of legal consequences or if such actions should be prosecuted under existing financial laws.

Arguments from 2021 on whether 'Code is Law' applies in unregulated markets

In addition to criminal charges in the U.S., Medjedovic faces a class-action lawsuit in Canada, further intensifying discussions around the legal and ethical implications of exploiting DeFi protocols. As law enforcement agencies worldwide seek his arrest, his case is shaping the future of DeFi security and legal frameworks.

Who is Andean Medjedovic?

A former student at the University of Waterloo and a recognized mathematics prodigy, Andean Medjedovic demonstrated exceptional problem-solving skills from a young age. At 19, Medjedovic earned a master’s degree in mathematics from the University of Waterloo, per Ontario court documents, and while still a student, he allegedly executed the Indexed Finance exploit in October 2021, capitalizing on a vulnerability in the protocol’s price oracle system. Through a series of calculated trades, he artificially suppressed asset prices, enabling him to withdraw funds at highly favorable rates.

Medjedovic’s actions polarized the DeFi community. A Twitter account linked to him, under the alias ZetaZeroes, defended the exploit, arguing that the protocol had simply been "out-traded." In a 2022 interview with Bloomberg Businessweek, he described his approach as leveraging "mispricing opportunities," reinforcing the controversial belief that in decentralized finance, "code is law." However, legal experts, including Indexed Finance co-founder Dillon Kellar, dismissed this argument, emphasizing that DeFi operates within broader financial regulations and cannot function as a lawless ecosystem.

Following the Indexed Finance hack, Medjedovic remained under scrutiny. In November 2023, he allegedly exploited KyberSwap for $48.8 million by manipulating liquidity pools through smart contract vulnerabilities, demonstrating an increasing level of sophistication in financial exploits. His repeated targeting of DeFi protocols raised urgent concerns over security loopholes, ethical boundaries, and the need for greater regulatory oversight.

The DOJ Indictment and Criminal Charges

On February 3, 2025, the U.S. Department of Justice (DOJ) unsealed a five-count indictment in the Eastern District of New York against Andean Medjedovic, charging him with:

  • Wire Fraud – Fraudulently acquiring digital assets through manipulative trading strategies.

  • Unauthorized Damage to a Protected Computer – Exploiting Vulnerabilities in Indexed Finance and KyberSwap’s Smart Contracts.

  • Attempted Hobbs Act Extortion – Demanding control over KyberSwap in exchange for returning 50% of stolen assets.

  • Money Laundering – Concealing illicit funds through blockchain bridges, cryptocurrency mixers, and swap transactions.

  • Conspiracy – Collaborating with undisclosed parties to execute and launder the stolen funds.

Prosecutors allege that Medjedovic leveraged flash loans to borrow millions in digital tokens, using smart contract exploits to miscalculate asset values and withdraw investor funds at artificial prices. His KyberSwap attack in 2023 reportedly netted him $48.8 million, further strengthening his reputation as one of DeFi’s most sophisticated exploiters.

If convicted, Medjovic faces up to 10 years for unauthorized damage to a protected computer and 20 years on each of the other four charges. His sentencing will ultimately be determined by a federal district court judge under U.S. Sentencing Guidelines.

Ongoing Lawsuit in Canada

In parallel to the U.S. criminal proceedings, a class-action lawsuit remains active in Canada. Filed in the Ontario Superior Court of Justice by Cicada 137 LLC, representing Indexed Finance investors, the suit challenges Medjedovic’s "code is law" defense. Indexed Finance contributor Laurence Day has argued that legitimizing such actions would set a dangerous precedent, incentivizing exploiters rather than holding them accountable within legal frameworks.

As of now, Medjedovic remains a fugitive, actively pursued by international law enforcement agencies, including the FBI, IRS-CI, and Homeland Security Investigations (HSI). His case underscores the urgency of addressing security flaws in DeFi while establishing clear legal boundaries for financial exploits.

Blockscope’s Investigation

As part of our ongoing commitment to tracking crypto exploits, Blockscope conducted an in-depth investigation into the Indexed Finance (2021) and KyberSwap (2023) hacks. Our analysis uncovered:

  • A common pattern in Medjovic’s tactics between the Indexed Finance and KyberSwap hacks.

  • Sophisticated laundering techniques, including the use of blockchain bridges, mixers, and fake exchange accounts.

  • A failed attempt to bribe an undercover law enforcement officer with $80,000 to unfreeze stolen funds.

Our findings underscore the sophistication of both exploits. To illustrate this, the next section provides a comprehensive technical breakdown of the 2021 Indexed Finance hack.

NextThe Indexed Finance Hack

Last updated