A contract hack that allowed money transfers away from the platform recently resulted in the loss of at least 550 BNB (BNB) from an attack on the decentralized exchange (DEX) system known as CoW Swap.
MevRefund, a blockchain surveyor, discovered the incident and noted that the money appeared to be moving away from the CoW Swap exchange. The maximum extractable value (MEV) searcher informed the DEX and the users of the exchange about the vulnerability via a Twitter thread.
According to BlockSec, a business that analyzes smart contracts, a wallet address was allegedly added as a “solver” of CoW Swap by use of a multisig. The transaction to authorize DAI (DAI) to SwapGuard was then started by the address, which led to SwapGuard transferring DAI from the CoW Swap settlement contract to other addresses.
According to the blockchain security firm PeckShield, about 551 BNB, worth $181,600 at the time this piece was written, had been taken. The hacker forwarded the funds to the renowned cryptocurrency mixer Tornado Cash after stealing the assets.
The protocol for decentralized finance (DeFi), on the other hand, said that this is not necessary.
The study’s conclusions indicate that in 2017, cybercriminals connected to North Korea were responsible for the loss of cryptocurrency assets worth between $630 million and $1 billion.