# The Legal Pursuit of Andean Medjedovic

<figure><img src="/files/osjTDiUDlqTqCHn2E4T4" alt=""><figcaption></figcaption></figure>

## Introduction

On February 3, 2025,[ the U.S. Department of Justice (DOJ) unsealed a five-count indictment](https://www.justice.gov/opa/pr/canadian-man-charged-65m-cryptocurrency-hacking-schemes) against Andean Medjedovic, a 22-year-old Canadian national, for orchestrating two major decentralized finance (DeFi) hacks—[Indexed Finance ](https://x.com/ndxfi?lang=en)(2021) and [KyberSwap](https://x.com/KyberNetwork?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) (2023). Medjedovic allegedly exploited smart contract vulnerabilities and engaged in deceptive trading practices to siphon approximately $65 million in digital assets. His case has reignited debates on DeFi regulation, security, and ethical accountability, questioning [whether "code is law" absolves exploiters](https://blockworks.co/news/canadian-15-8m-defi-theft-case-could-upend-code-is-law-convention) of legal consequences or if such actions should be prosecuted under existing financial laws.

<figure><img src="/files/Wu71zBFhUzuOLHuw7jIj" alt=""><figcaption><p><a href="https://x.com/0xTheInvincible/status/1451151832676544517?ref_src=twsrc%5Etfw">Arguments from 2021 on whether 'Code is Law' applies in unregulated markets</a></p></figcaption></figure>

In addition to criminal charges in the U.S., Medjedovic faces a class-action lawsuit in Canada, further intensifying discussions around the legal and ethical implications of exploiting DeFi protocols. As law enforcement agencies worldwide seek his arrest, his case is shaping the future of DeFi security and legal frameworks.

## Who is Andean Medjedovic?

A former student at the University of Waterloo and a recognized mathematics prodigy, Andean Medjedovic demonstrated exceptional problem-solving skills from a young age. At 19, Medjedovic earned a master’s degree in mathematics from the University of Waterloo, [per Ontario court documents](https://www.canlii.org/en/on/onsc/doc/2021/2021onsc369/2021onsc369.html), and while still a student, he allegedly executed the Indexed Finance exploit in October 2021, capitalizing on a vulnerability in the protocol’s price oracle system. Through a series of calculated trades, he artificially suppressed asset prices, enabling him to withdraw funds at highly favorable rates.

Medjedovic’s actions polarized the DeFi community. A Twitter account linked to him, under the alias [**ZetaZeroes**](https://x.com/ZetaZeroes), defended the exploit, arguing that the protocol had simply been "out-traded." [In a 2022 interview with *Bloomberg Businessweek*](https://www.bloomberg.com/news/features/2022-05-19/crypto-platform-hack-rocks-blockchain-community?embedded-checkout=true), he described his approach as leveraging "mispricing opportunities," reinforcing the controversial belief that in decentralized finance, **"code is law."** However, legal experts, including Indexed Finance co-founder Dillon Kellar, dismissed this argument, emphasizing that DeFi operates within broader financial regulations and cannot function as a lawless ecosystem.

Following the Indexed Finance hack, Medjedovic remained under scrutiny. In November 2023, he allegedly exploited KyberSwap for $48.8 million by manipulating liquidity pools through smart contract vulnerabilities, demonstrating an increasing level of sophistication in financial exploits. His repeated targeting of DeFi protocols raised urgent concerns over security loopholes, ethical boundaries, and the need for greater regulatory oversight.

## **The DOJ Indictment and Criminal Charges**

On February 3, 2025, [the U.S. Department of Justice (DOJ) unsealed a five-count indictment](https://www.justice.gov/opa/pr/canadian-man-charged-65m-cryptocurrency-hacking-schemes) in the Eastern District of New York against Andean Medjedovic, charging him with:

* **Wire Fraud** – Fraudulently acquiring digital assets through manipulative trading strategies.
* **Unauthorized Damage to a Protected Computer** – Exploiting Vulnerabilities in Indexed Finance and KyberSwap’s Smart Contracts.
* **Attempted Hobbs Act Extortion** – Demanding control over KyberSwap in exchange for returning 50% of stolen assets.
* **Money Laundering** – Concealing illicit funds through blockchain bridges, cryptocurrency mixers, and swap transactions.
* **Conspiracy** – Collaborating with undisclosed parties to execute and launder the stolen funds.

[Prosecutors allege that Medjedovic leveraged flash loans](https://www.justice.gov/usao-edny/pr/canadian-national-charged-stealing-approximately-65-million-cryptocurrency-two-defi) to borrow millions in digital tokens, using smart contract exploits to miscalculate asset values and withdraw investor funds at artificial prices. His KyberSwap attack in 2023 reportedly netted him $48.8 million, further strengthening his reputation as one of DeFi’s most sophisticated exploiters.

If convicted, Medjovic faces up to 10 years for unauthorized damage to a protected computer and 20 years on each of the other four charges. His sentencing will ultimately be determined by a federal district court judge under U.S. Sentencing Guidelines.

### **Ongoing Lawsuit in Canada**

In parallel to the U.S. criminal proceedings, a class-action lawsuit remains active in Canada. Filed in the [**Ontario Superior Court of Justice** by **Cicada 137 LLC**](https://www.canlii.org/en/on/onsc/doc/2021/2021onsc369/2021onsc369.html), representing Indexed Finance investors, the suit challenges Medjedovic’s "code is law" defense. Indexed Finance contributor[ Laurence Day](https://x.com/functi0nZer0) has argued that legitimizing such actions would set a dangerous precedent, incentivizing exploiters rather than holding them accountable within legal frameworks.

As of now, Medjedovic remains a fugitive, actively pursued by international law enforcement agencies, including the FBI, IRS-CI, and Homeland Security Investigations (HSI)**.** His case underscores the urgency of addressing security flaws in DeFi while establishing clear legal boundaries for financial exploits.

## **Blockscope’s Investigation**

As part of our ongoing commitment to tracking crypto exploits, [**Blockscope**](https://www.blockscope.co/) conducted an in-depth investigation into the **Indexed Finance (2021) and KyberSwap (2023) hacks.** Our analysis uncovered:

* **A common pattern** **in Medjovic’s tactics** between the Indexed Finance and KyberSwap hacks.
* **Sophisticated laundering techniques**, including the use of blockchain bridges, mixers, and fake exchange accounts.
* [**A failed attempt to bribe** ](https://www.justice.gov/usao-edny/pr/canadian-national-charged-stealing-approximately-65-million-cryptocurrency-two-defi)an undercover law enforcement officer with $80,000 to unfreeze stolen funds.

Our findings underscore the sophistication of both exploits. To illustrate this, the next section provides a comprehensive technical breakdown of the 2021 Indexed Finance hack.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://research.blockscope.co/andean-medjovic-case-and-investigation/the-legal-pursuit-of-andean-medjedovic.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.