Transit Swap, a DEX aggregator was recently hacked to the tune of $23 million, due to a swift response from many blockchain security firms about 70%of the stolen funds have been returned.
The Transit Swap DEX aggregator lost the funds on October 1 after a hacker took advantage of an internal flaw in a swap contract. The Transit Finance team and security firms Peckshield, SlowMist, Bitrace, and TokenPocket responded quickly and were able to identify the hacker’s IP address, email address, and associated-on-chain addresses.
Less than 24 hours after the hack, Transit Finance reported that “through combined efforts of all parties,” the hacker has returned 70% of the stolen funds to two addresses, totaling about $16.2 million. This suggests that the hacker’s efforts have already paid off.
According to BscScan and EtherScan, these monies were distributed as 3,180 Ether (ETH) worth $4.2 million, 1,500 Binance-Peg ETH worth $2 million, and 50,000 BNB worth $14.2 million.
Transit Finance said in its most recent update that while “the project team is hurrying to collect the precise data of the stolen customers and design a detailed return plan,” it is still committed to recovering the remaining 30% of the cash that has been taken.
The security firms and project teams of all parties are still tracking the hacking event and corresponding with the hacker via email and on-chain techniques as of right now. The team will keep putting in a lot of effort to find other assets, it stated.
In a study of the issue, cybersecurity company SlowMist reported that the hacker had taken use of a flaw in the Transit Swap smart contract code that originated from the transferFrom() function, effectively allowing users’ tokens to be sent directly to the exploiter’s address:
“The root cause of this attack is that the Transit Swap protocol does not strictly check the data passed in by the user during token swap, which leads to the issue of arbitrary external calls. The attacker exploited this arbitrary external call issue to steal the tokens approved by the user for Transit Swap.”
