“We are deeply sorry,” Transit Swap said as it revealed that a flaw in the code allowed a hacker to make off with an estimated $21 million.
Transit Swap, a multi-chain decentralized swap aggregator, lost an estimated $21 million after a hacker exploited an internal bug in a swap contract. Following the disclosure, Transit Swap issued an apology to users with efforts to track down and recover the stolen funds currently underway.
“We are deeply sorry,” Transit Swap said as it revealed that a flaw in the code allowed a hacker to make off with an estimated $21 million. Blockchain security firm PeckShield narrowed the attack down to a compatibility issue or false trust in the exchange contract.
— Transit interchange | Buy Transit | NFT (@TransitFinance) October 2, 2022
Peckshield, along with other researchers including SlowMist, Bitrace, and TokenPocket, joined the search to locate the hacker. transit interchange said:
“Now we have a lot of valid information like the hacker’s IP, email address and associated addresses in the chain. We are doing our best to track down the hacker and try to communicate with the hacker and help everyone recover their losses to recover
The flowchart below shows the flow of stolen assets, as shared by PeckShield.
The ongoing investigation indicated that the hacker had previously withdrawn from known exchanges. Transit Swap promised to share more details with the community in due course, adding, “Thank you for his understanding and trust.”
Transit Swap has not yet responded to Cointelegraph’s request for comment.
Related: Amber Group Uses Simple Hardware To Show How Quick And Easy The Wintermute Hack Was
Repeating the updated security measures put in place by crypto companies, hackers continue to develop their methods to cheat investors.
#MEV A very profitable MEV bot, internally named 0xbad, was somehow cheated/hacked with a loss of 1101 ETH (~$1.45M) in the following Tx: https://t.co/FxXSY8AyhX
— PeckShield Inc. (@peckshield) September 27, 2022
Recently, a hacker used an Ether
Arbitrage trading bot to exploit a “bad code” vulnerability, draining 1,101 ETH, which was around $1.41 million at the time of writing.