Transit Swap ‘hacker’ returns 70% of $23M in stolen funds

Cryptocurrency

A quick response from a number of blockchain security companies has helped facilitate the return of around 70% of the $23 million exploit of decentralized exchange (DEX) aggregator Transit Swap.

The DEX aggregator lost the funds after a hacker exploited an internal bug on a swap contract on Oct. 1, leading to a quick response from the Transit Finance team along with security companies Peckshield, SlowMist, Bitrace and TokenPocket, who were able to quickly work out the hacker’s IP, email address and associated-on chain addresses.

It appears these efforts have already borne fruit, as less than 24 hours after the hack, Transit Finance noted that “with joint efforts of all parties,” the hacker has returned 70% of the stolen assets to two addresses, equating to roughly $16.2 million.

These funds came in the form of 3,180 Ether (ETH) at $4.2 million, 1,500 Binance-Peg ETH at $2 million and 50,000 BNB at $14.2 million, according to BscScan and EtherScan.

In the most recent update, Transit Finance stated that “the project team is rushing to collect the specific data of the stolen users and formulate a specific return plan” but also remains focused on retrieving the final 30% of stolen funds.

At present, the security companies and project teams of all parties are still continuing to track the hacking incident and communicate with the hacker through email and on-chain methods. The team will continue to work hard to recover more assets,” it said. 

Related: $160M stolen from crypto market maker Wintermute

Cybersecurity firm SlowMist in an analysis of the incident noted that the hacker used a vulnerability in Transit Swap’s smart contract code, which came directly from the transferFrom() function, which essentially allowed users’ tokens to be transferred directly to the exploiter’s address:

“The root cause of this attack is that the Transit Swap protocol does not strictly check the data passed in by the user during token swap, which leads to the issue of arbitrary external calls. The attacker exploited this arbitrary external call issue to steal the tokens approved by the user for Transit Swap.”

Products You May Like

Articles You May Like

November home sales surged more than expected, boosted by lower mortgage rates
Higher business taxes take toll on UK economy as companies cut back hiring
Top Wall Street analysts recommend these dividend stocks for higher returns
SEC charges Silver Point Capital with nonpublic information policy failures
Fed cuts rates but ‘hawkish’ forecast hits stocks and sends dollar jumping

Leave a Reply

Your email address will not be published. Required fields are marked *