Skip to main content

Source: Сointеlеgrаph

A quick response from a number of blockchain security companies helped recover about 70% of a $23 million exploit from decentralized exchange (DEX) aggregator Transit Swap.

The DEX aggregator lost funds after a hacker exploited an internal error in the swap contract on October 1, which led to a quick response from the Transit Finance team, along with security companies Peckshield, SlowMist, Bitrace, and TokenPocket, who were able to quickly resolve the issue. The hacker’s IP address, email address, and associated chain addresses.

It appears that these efforts have already paid off, as less than 24 hours after the hack, Transit Finance noted that “with the combined efforts of all parties”, the hacker returned 70% of the stolen assets to two addresses, amounting to approximately $16.2 million.

These funds came in the form of 3,180 Ether (ETH) ($4.2 million), 1,500 ETH and Binance-Peg ($2 million), and 50,000 BNB ($14.2 million), according to BscScan and EtherScan.

In the latest update, Transit Finance stated that “the project team is in a hurry to collect specific data on stolen users and formulate a concrete recovery plan”, but also remains focused on recovering the last 30% of stolen funds.

Currently, security companies and project teams from all parties continue to monitor the hacking incident and communicate with the hacker via email and network methods. The team will continue to work hard to bring back more assets,” the post reads.

Related: $160M Stolen From Cryptocurrency Market Maker Wintermute

Cybersecurity firm SlowMist, in an analysis of the incident, noted that the hacker exploited a vulnerability in the Transit Swap smart contract code that arose directly from the transferFrom() function, which, in fact, allowed the transfer of user tokens directly to the address of the exploiter.

“The main reason for this attack is that the Transit Swap protocol does not strictly check the data passed by the user during the token exchange, which leads to the problem of arbitrary external calls. An attacker took advantage of this arbitrary external call problem to steal user-approved Transit Swap tokens.”

Source: Сointеlеgrаph

Leave a Reply