Market

CowSwap Hacked Cause $200,000 Stolen Through A Security Vulnerability

Key Points:

  • CowSwap hacked and caused the decentralized exchange to lose about $200,000.
  • Most analysis suggests that the vulnerability lies in the SwapGuard contract licensing “unlimited” to various tokens.
  • The hacker transferred most of the money to the Tornado Cash mixer to erase the traces.
CowSwap hacked this morning through a security hole. Estimated damages ranged from $200,000, and most of the money was transferred to the Tornado Cash crypto mixer to remove traces.

As discovered, the attacker’s wallet address was added to the Solver list, the middle third party to connect purchases on CowSwap’s platform, by the multisig admin wallet. The attacker wallet then adopted the SwapGuard contract to extract DAI.

This process takes place off-chain to avoid unnecessary costs for users. However, in his analytical tweet series, the smart contracts.eth account said this turned out to be a bottleneck for the product’s design.

Most analysis currently suggests that the vulnerability lies in the fact that the SwapGuard contract grants “unlimited” permission to a variety of tokens, making it possible for an attacker to hack into and withdraw funds from the GPv2Settlement contract.

The attacker has now transferred 551 BNB to Tornado Cash to remove the traces. This amount corresponds to $181,000 in damages.

551 BNB transferred to Tornado Cash

Faced with information, the project only said that the above vulnerability is related to the contract to manage transaction fees collected for the product. The above agreement does not affect the user’s assets. Besides, details of the hack are yet to be revealed.

CowSwap is a Meta DEX aggregator that allows users to buy and sell tokens using peer-to-peer settled gas-free orders between its users or to any online source of liquidity any route while providing MEV protection.

The current Dex transaction aggregator relies entirely on third-party liquidity, which can reduce slippage and improve trading efficiency, but still incur transaction fees.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Foxy

Coincu News

Victor

Share
Published by
Victor
Tags: # CryptocurrenciescryptohackSecurity Vulnerabilities
2 years ago

Recent Posts

2025 Crypto Bull Run: Ethereum Hits $10000, Cardano Crosses $10, and RXS Token Price Skyrockets to $15—How Much Richer Are You?

As 2025 looms large, crypto enthusiasts are preparing for the possibility of a massive bull…

10 minutes ago

WeFi to Enter New Phase of DeFi Following November $WFI Token Generation Event

Charlestown, Saint Kitts and Nevis, 18th November 2024, Chainwire

1 hour ago

Top 8 Ways to Make Passive Income Through Cryptocurrency in 2024

Passive income opportunities in crypto have become even more accessible in 2024, allowing both seasoned…

4 hours ago

2000+ Holders Back This Game-Changing Crypto – The Best Altcoin in 2024 Amid TRON’s Growth Surge and Render’s $15 Target

Discover why over 2000 holders support the best altcoin yet. TRON sees record growth, and…

4 hours ago

LAOS Network Lists Token; Forges Partnership with Sequence to Bring Scalable Free-2-Play Gaming to Web3

Barcelona, Spain, 18th November 2024, Chainwire

4 hours ago

Metaplanet Bitcoin Bond Japan Firm Issues $11.3M For BTC

Metaplanet Bitcoin Bond highlights Japan’s Metaplanet issuing $11.3M bonds to purchase more bitcoin, strengthening its…

4 hours ago

This website uses cookies.