After the collaborative efforts of many crypto analytic platforms, the Transit Swap team managed to get back around $16.2 million worth of crypto assets from exploiter.
TransitSwap is a Decentralized exchange (Dex), which provides better liquidity and better return, on all chains in one single Transit Swap.
On 1 October, a hidden bug impacted the platform badly, where a hacker managed to steal around $23 million worth of crypto assets from the platform.
Cybersecurity firm SlowMist analyzed this incident and noted that the hacker was able to attack the platform because of a vulnerability in Transit Swap’s smart contract code.
“The root cause of this attack is that the Transit Swap protocol does not strictly check the data passed in by the user during the token swap, which leads to the issue of arbitrary external calls. The attacker exploited this arbitrary external call issue to steal the tokens approved by the user for Transit Swap.”
In less than 24 hours of the hack attack, all the leading crypto analytic platforms Peckshield, SlowMist, Bitrace, and TokenPocket actively traced the details of the hacker and successfully collected email address & IP address. All these security firms managed to force the hacker to return the funds.
Hacker returned 70% of $23 million hacked crypto assets. The returned funds include 3,180 Ether (ETH) ($4.2 million), 1,500 Binance-Peg ETH ($2 million), and 50,000 BNB ($14.2 million).
On 2 October, the Transit Swap team informed the platform users that they are transferring the recovered funds to a new wallet address and the team is trying to convince the hacker to return more funds.
The Dex team also urged hackers to contact the team at [email protected]
These types of incidents every month are showing that the Defi industry will take more years to gain better potential in terms of security to the funds of crypto investors.