TRENDING:
Trade War
XAU/USD
Silver
EUR/USD
GBP/USD
USD/CAD
AUD/USD
Sponsored by
Login
|

Transit swap ‘hacker’ returns 70% of $23M in stolen funds

Transit swap ‘hacker’ returns 70% of $23M in stolen funds
Cointelegraph TeamCointelegraph TeamCointelegraph

A quick response from a number of blockchain security companies has helped facilitate the return of around 70% of the $23 million exploit of decentralized exchange (DEX) aggregator Transit Swap.

The DEX aggregator lost the funds after a hacker exploited an internal bug on a swap contract on Oct. 1, leading to a quick response from the Transit Finance team along with security companies Peckshield, SlowMist, Bitrace and TokenPocket, who were able to quickly work out the hacker’s IP, email address and associated-on chain addresses.

It appears these efforts have already borne fruit, as less than 24 hours after the hack, Transit Finance noted that “with joint efforts of all parties,” the hacker has returned 70% of the stolen assets to two addresses, equating to roughly $16.2 million.

These funds came in the form of 3,180 Ether (ETH) at $4.2 million, 1,500 Binance-Peg ETH at $2 million and 50,000 BNB at $14.2 million, according to BscScan and EtherScan.

In the most recent update, Transit Finance stated that “the project team is rushing to collect the specific data of the stolen users and formulate a specific return plan” but also remains focused on retrieving the final 30% of stolen funds.

At present, the security companies and project teams of all parties are still continuing to track the hacking incident and communicate with the hacker through email and on-chain methods. The team will continue to work hard to recover more assets," it said. 

Cybersecurity firm SlowMist in an analysis of the incident noted that the hacker used a vulnerability in Transit Swap’s smart contract code, which came directly from the transferFrom() function, which essentially allowed users' tokens to be transferred directly to the exploiter's address:

The root cause of this attack is that the Transit Swap protocol does not strictly check the data passed in by the user during token swap, which leads to the issue of arbitrary external calls. The attacker exploited this arbitrary external call issue to steal the tokens approved by the user for Transit Swap.

Author

Cointelegraph Team

Cointelegraph Team

Cointelegraph

We are privileged enough to work with the best and brightest in Bitcoin.

More from Cointelegraph Team
Share:

Editor's Picks

Ripple bulls defend key support amid waning retail demand and ETF inflows

Ripple bulls defend key support amid waning retail demand and ETF inflows

XRP ticks up above $1.40 support, but waning retail demand suggests caution. XRP attracts $4 million in spot ETF inflows on Thursday, signaling renewed institutional investor interest.

Crypto Today: Bitcoin, Ethereum, XRP rebound as risk appetite improves

Crypto Today: Bitcoin, Ethereum, XRP rebound as risk appetite improves

Bitcoin rises marginally, nearing the immediate resistance of $68,000 at the time of writing on Friday. Major altcoins, including Ethereum and Ripple, hold key support levels as bulls aim to maintain marginal intraday gains.

Bitcoin Weekly Forecast: No recovery in sight 

Bitcoin Weekly Forecast: No recovery in sight 

Bitcoin price continues to trade sideways between $65,729 and $71,746, extending its consolidation since February 7. US-spot ETFs record an outflow of $403.90 million through Thursday, pointing to the fifth consecutive week of withdrawals.

Pi Network Price Forecast: PI recovery stalls amid profit-taking

Pi Network Price Forecast: PI recovery stalls amid profit-taking

Pi Network tests 50-day EMA support on Friday, after a 5% decline the previous day. PiScan data shows large deposits on CEXs totaling over 4 million PI tokens in the last 24 hours, reflecting an exodus of investors taking profits.

Bitcoin Price Annual Forecast: BTC holds long-term bullish structure heading into 2026

Bitcoin Price Annual Forecast: BTC holds long-term bullish structure heading into 2026

Bitcoin (BTC) is wrapping up 2025 as one of its most eventful years, defined by unprecedented institutional participation, major regulatory developments, and extreme price volatility.

Bitcoin: No recovery in sight

Bitcoin: No recovery in sight

Bitcoin (BTC) price continues to trade within a range-bound zone, hovering around $67,000 at the time of writing on Friday, and falling slightly so far this week, with no signs of recovery.