A quick response from a number of blockchain security companies helped recover about 70% of the $23 million to use the decentralized exchange (DEX) transit swap pool.
The DEX pool lost funds after an internal barter contract bug was exploited by a hacker on October 1, prompting the Transit Finance team to respond quickly, along with security firms Peckshield, SlowMist, Bitrace and TokenPocket, who were able to operate quickly outside of a private IP address. . Hacker, email address and associated string addresses.
That effort seems to have already paid off, as less than 24 hours after the hack, Transit Finance noted that “thanks to the combined efforts of all parties,” the hacker returned 70% of the stolen assets to two addresses, equivalent to approximately $16.2 million.
According to BscScan and EtherScan, the money came in the form of 3,180 Ether (ETH) worth $4.2 million, 1,500 Binance-Big Ethereum worth $2 million, and 50,000 billion BNB worth $14.2 million.
In the latest update, Transit Finance stated that “the project team is in a hurry to collect specific data of stolen users and develop a specific recovery plan”, but also remains focused on recovering the last 30% of stolen funds.
At present, security companies and project teams from all over are still monitoring the hacking incident and communicating with the hacker via email and sequencing methods. The team will continue to work hard to bring back more assets.”
Related: $160 million heist from crypto market creator Wintermute
Cybersecurity firm SlowMist noted in an analysis of the incident that the hacker exploited a vulnerability in the Transit Swap smart contract token that arose directly from the transferFrom() function, which essentially allowed users to move tokens directly to an exploit address:
“The main reason for this attack is that the Transit Swap protocol does not accurately check the data that the user passes during the exchange of tokens, which leads to the problem of random outgoing calls. The attacker exploited the problem of random outgoing calls to steal the tokens that the user agreed to exchange on the way.”