{"id":36974,"date":"2022-10-03T05:02:41","date_gmt":"2022-10-03T09:02:41","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=36974"},"modified":"2022-10-03T05:02:44","modified_gmt":"2022-10-03T09:02:44","slug":"transit-swap-recovers-70-of-stolen-funds-from-recent-hack","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/transit-swap-recovers-70-of-stolen-funds-from-recent-hack\/","title":{"rendered":"Transit Swap recovers 70% of stolen funds from recent hack"},"content":{"rendered":"\n
Transit Swap, a DEX aggregator <\/a>was recently hacked to the tune of $23 million, due to a swift response from many blockchain security firms about 70%of the stolen funds have been returned.<\/h5>\n\n\n\n
\"Transit
Transit Swap recovers 70% of stolen funds from recent hack<\/figcaption><\/figure>\n\n\n\n

The Transit Swap DEX aggregator lost the funds on October 1 after a hacker took advantage of an internal flaw in a swap contract. The Transit Finance team and security firms Peckshield, SlowMist, Bitrace, and TokenPocket responded quickly and were able to identify the hacker's IP address, email address, and associated-on-chain addresses.<\/p>\n\n\n\n

Less than 24 hours after the hack, Transit Finance \r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a>reported that “through combined efforts of all parties,” the hacker has returned 70% of the stolen funds to two addresses, totaling about $16.2 million. This suggests that the hacker's efforts have already paid off.<\/p>\n\n\n\n

According to BscScan and EtherScan, these monies were distributed as 3,180 Ether (ETH) worth $4.2 million, 1,500 Binance-Peg ETH worth $2 million, and 50,000 BNB worth $14.2 million.<\/p>\n\n\n\n

\n

\ud83d\udce2\ud83d\udce2\ud83d\udce2Updates about TransitFinance
1\/5 We are here to update the latest news about TransitFinance Hacking Event. With the joint efforts of all parties, the hacker has returned about 70% of the stolen assets to the following two addresses:<\/p>— Transit (@TransitFinance) October 2, 2022<\/use><\/svg><\/span><\/a><\/blockquote>

Transit Finance said in its most recent update that while “the project team is hurrying to collect the precise data of the stolen customers and design a detailed return plan,” it is still committed to recovering the remaining 30% of the cash that has been taken.<\/p>\n\n\n\n

The security firms<\/a> and project teams of all parties are still tracking the hacking event and corresponding with the hacker via email and on-chain techniques as of right now. The team will keep putting in a lot of effort to find other assets, it stated.<\/p>\n\n\n\n

In a study of the issue, cybersecurity company SlowMist reported that the hacker had taken use of a flaw in the Transit Swap smart contract code that originated from the transferFrom() function, effectively allowing users' tokens to be sent directly to the exploiter's address:<\/p>\n\n\n\n

\u201cThe root cause of this attack is that the Transit Swap protocol does not strictly check the data passed in by the user during token swap<\/a>, which leads to the issue of arbitrary external calls. The attacker exploited this arbitrary external call issue to steal the tokens approved by the user for Transit Swap.\u201d<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"

Transit Swap, a DEX aggregator was recently hacked to the tune of $23 million, due to a swift response from many blockchain security firms about 70%of the stolen funds have been returned. The Transit Swap DEX aggregator lost the funds on October 1 after a hacker took advantage of an internal flaw in a swap […]<\/p>\n","protected":false},"author":12,"featured_media":36977,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11476],"tags":[1400,1496,11672],"class_list":["post-36974","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacks-and-scams","tag-dex","tag-hack","tag-transit-swap"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2022\/10\/image.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/36974","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=36974"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/36974\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/36977"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=36974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=36974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=36974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}