Canadian Hacker Andean Medjedovic Charged in Massive DeFi Protocol Attack

WhaleMinion · 2026-02-16T15:24:38+00:00

Andean Medjedovic, a Canadian citizen, faces serious charges for allegedly stealing $65 million from DeFi platforms through smart contract exploitation. His defense invokes the "code is law" principle, but prosecutors emphasize accountability under U.S. law, highlighting a pivotal moment for DeFi regulation.

WhaleMinion

2026-02-16 15:24:38

Abstract generation in progress

On February 3, U.S. federal prosecutors brought significant charges against Canadian citizen Andean Medjedovic, a 22-year-old accused of orchestrating sophisticated breaches against two major decentralized finance platforms. Court documents reveal that Medjedovic allegedly engineered attacks that netted approximately $65 million in stolen cryptocurrency assets—one of the most substantial single-actor DeFi heists in recent history.

The Smart Contract Exploitation Scheme

Andean Medjedovic stands accused of targeting Indexed Finance and KyberSwap between 2021 and 2023 through what prosecutors describe as deliberate manipulation of smart contract code. Rather than deploying traditional hacking techniques, authorities allege he identified and weaponized vulnerabilities inherent in the protocols’ underlying blockchain architecture. This method of attack represents an emerging threat vector within the decentralized finance ecosystem, where code vulnerabilities can translate directly into financial losses at massive scale.

The indictment encompasses five serious federal charges: telecommunications fraud, unauthorized computer damage, extortion, money laundering, and related financial crimes. This multi-count approach suggests prosecutors view the attacks as part of a coordinated criminal enterprise rather than isolated exploits.

The ‘Code Is Law’ Defense Meets Federal Justice

In his defense, Andean Medjedovic reportedly argued that identifying and exploiting smart contract vulnerabilities falls within the crypto community’s “code is law” philosophy—the principle that immutable blockchain code supersedes traditional legal frameworks. U.S. prosecutors categorically rejected this argument, asserting that criminal intent and financial theft cannot be exempted from federal jurisdiction simply because transactions occur on a blockchain.

This jurisdictional clash marks a critical moment for DeFi regulation, establishing that exploiting code vulnerabilities for personal financial gain constitutes prosecutable fraud under American law, regardless of the decentralized nature of the target.

Sentencing Implications and Industry Impact

If convicted on all charges, Andean Medjedovic could face a maximum prison sentence of 20 years, a substantial penalty that signals federal commitment to prosecuting cryptocurrency-related crimes with intensity. The case sends ripples through the DeFi community, reinforcing that platform developers and individual hackers alike operate under U.S. legal oversight when attacks result in financial harm.

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.