Transit Swap loses over $21M due to internal bug hack, issues apology

Published at: Oct. 2, 2022

Transit Swap, a multi-chain decentralized exchange (DEX) aggregator, lost roughly $21 million after a hacker exploited an internal bug on a swap contract. Following the revelation, Transit Swap issued an apology to the users while efforts to track down and recover the stolen funds are underway.

“We are deeply sorry,” stated Transit Swap while revealing that a bug in the code allowed a hacker to make away with an estimated $21 million. Blockchain investigator Peckshield narrowed down the attack to a compatibility issue or misplaced trust in the swap contract.

pic.twitter.com/KJ7u5xoxBp

— Transit Swap | Transit Buy | NFT (@TransitFinance) October 2, 2022

Peckshield, along with other investigators, including SlowMist, Bitrace and TokenPocket joined in on the pursuit to track down the hacker. Transit Swap stated:

“We now have a lot of valid information such as the hacker's IP, email address, and associated on-chain addresses. We will try our best to track the hacker and try to communicate with the hacker and help everyone recover their losses.”

The flowchart below depicts the flow of the stolen assets, as shared by Peckshield.

The ongoing investigation hinted that the hacker may have performed earlier withdrawals from known exchanges. Transit Swap has promised to share more details with the community in due time, adding that “Thank you for your understanding and trust.”

Transit Swap has not yet responded to Cointelegraph’s request for comment.

Related: Amber Group uses simple hardware to show just how fast, easy the Wintermute hack was

Reciprocating the updated security measures implemented by crypto businesses, hackers continue to evolve their methods to dupe investors.

#MEV A very profitable MEV bot, internally named as 0xbad, was somehow tricked/hacked with 1,101 ETH loss (~$1.45M) in the following tx: https://t.co/FxXSY8AyhX

— PeckShield Inc. (@peckshield) September 27, 2022

Recently, a hacker used an Ethereum (ETH) arbitrage trading bot to exploit a “bad code” vulnerability for draining 1,101 ETH, which was around $1.41 million at the time of writing.

Tags
Dex
Related Posts
Maiar decentralized crypto exchange goes offline after bug discovery
The Maiar Exchange, a decentralized exchange (DEX) native to the Elrond blockchain, has been temporarily taken offline after an attacker utilized an exploit and made off with roughly $113 million worth of Elrond eGold (EGLD). Minutes before 12:00 am UTC on Monday, the co-founder and CEO of Elrond, Beniamin Mincu, tweeted that he and his team were “investigating a set of suspicious activities” on the Maiar decentralized cryptocurrency exchange. Soon after, the DEX was taken offline, with Mincu reporting that the issue had been identified and an “emergency fix” was being implemented. In a Twitter thread posted almost 24 hours …
Altcoin / June 7, 2022
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
Solana and Arbitrum knocked offline, while Ethereum evades attack
Surging Ethereum rival, Solana (SOL), has shed 15% of its value over the past 24 hours after suffering a denial-of-service disruption. On Tuesday at 12:38 pm UTC, Twitter account Solana Status announced that Solana’s mainnet beta had been suffering intermittent instability over a 45-minute period. Six hours after announcing the incident, Solana Status explained that a large increase in transaction load to 400,000 per second had overwhelmed the network, created a denial-of-service, and caused the network to start forking. 1/ Solana Mainnet Beta encountered a large increase in transaction load which peaked at 400,000 TPS. These transactions flooded the transaction …
Technology / Sept. 15, 2021
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'
On Thursday, Jump Crypto, a crypto venture capital firm that owns Certus One, the developer of the Wormhole token bridge, announced it had deposited 120 thousand Ether (ETH) into a Solana-Ethereum bridge that suffered a devastating exploit. The day prior, hackers fraudulently minted 120 thousand wrapped Ether (wETH) worth $321 million on the Solana (SOL) platform, then redeemed 93,750 wETH for ETH on the Ethereum network while swapping the rest for other altcoins on the Solana network. The cross-chain ETH-wETH is supposed to have an exchange ratio of 1:1 against one another. Therefore, unauthorized minting of wETH leads to significant …
Technology / Feb. 3, 2022
Injective Protocol (INJ) rallies 100%+ after launching cross-chain support for Cosmos
Trading perpetual futures contracts in decentralized apps is a crypto sub-sector ripe for growth, especially as discussions of regulation, taxation and mandatory KYC at centralized exchanges continue to take place. One DEX platform that has begun to gain traction is Injective (INJ), an interoperable layer-one protocol designed to facilitate the creation of cross-chain Web3 decentralized finance (DeFi) applications. Data from Cointelegraph Markets Pro and TradingView shows that after hitting a low of $3.91 on Feb. 3, the price of INJ has rallied 157.8% to a daily high of $10.08 on Feb. 11 amidst a 1,756% spike in its 24-hour trading …
Markets / Feb. 13, 2022