{"id":497666,"date":"2022-10-02T09:18:04","date_gmt":"2022-10-02T06:18:04","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/transit-swap-loses-over-21m-due-to-internal-bug-hack-issues-apology\/"},"modified":"2022-10-02T09:18:04","modified_gmt":"2022-10-02T06:18:04","slug":"transit-swap-loses-over-21m-due-to-internal-bug-hack-issues-apology","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/transit-swap-loses-over-21m-due-to-internal-bug-hack-issues-apology\/","title":{"rendered":"# Transit Swap loses over $21M due to internal bug hack, issues apology"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a28149c70193\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a28149c70193\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/transit-swap-loses-over-21m-due-to-internal-bug-hack-issues-apology\/#%E2%80%9D_Transit_Swap_loses_over_21M_due_to_internal_bug_hack_issues_apology_%E2%80%9C\" >&#8221; Transit Swap loses over $21M due to internal bug hack, issues apology &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Transit_Swap_loses_over_21M_due_to_internal_bug_hack_issues_apology_%E2%80%9C\"><\/span>&#8221; Transit Swap loses over $21M due to internal bug hack, issues apology &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-6ebd806f>Transit Swap, a multi-chain decentralized exchange (DEX) aggregator, lost roughly $21 million after a hacker exploited an internal bug on a swap contract. Following the revelation, Transit Swap issued an apology to the users while efforts to track down and recover the stolen funds are underway.<\/p>\n<p>\u201cWe are deeply sorry,\u201d stated Transit Swap while revealing that a bug in the code allowed a hacker to make away with an estimated $21 million. Blockchain investigator Peckshield narrowed down the attack to a compatibility issue or misplaced trust in the swap contract. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"zxx\" dir=\"ltr\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/KJ7u5xoxBp\">pic.twitter.com\/KJ7u5xoxBp<\/a><\/p>\n<p>\u2014 Transit Swap | Transit Buy | NFT (@TransitFinance) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/TransitFinance\/status\/1576411330453479424?ref_src=twsrc%5Etfw\">October 2, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nPeckshield, along with other investigators, including SlowMist, Bitrace and TokenPocket joined in on the pursuit to track down the hacker. Transit Swap stated:<\/p>\n<blockquote><p>\u201cWe now have a lot of valid information such as the hacker&#8217;s IP, email address, and associated on-chain addresses. We will try our best to track the hacker and try to communicate with the hacker and help everyone recover their losses.\u201d<\/p><\/blockquote>\n<p>The flowchart below depicts the flow of the stolen assets, as shared by Peckshield.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-10\/1f12e7d4-d884-456d-abf1-d494eac7e1ad.jfif\"><\/figure>\n<p>The ongoing investigation hinted that the hacker may have performed earlier withdrawals from known exchanges. Transit Swap has promised to share more details with the community in due time, adding that \u201cThank you for your understanding and trust.\u201d<\/p>\n<p>Transit Swap has not yet responded to Cointelegraph\u2019s request for comment.<\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Amber Group uses simple hardware to show just how fast, easy the Wintermute hack was<\/em><\/strong><\/p>\n<p>Reciprocating the updated security measures implemented by crypto businesses, hackers continue to evolve their methods to dupe investors. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/MEV?src=hash&amp;ref_src=twsrc%5Etfw\">#MEV<\/a> A very profitable MEV bot, internally named as 0xbad, was somehow tricked\/hacked with 1,101 ETH loss (~$1.45M) in the following tx: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/FxXSY8AyhX\">https:\/\/t.co\/FxXSY8AyhX<\/a><\/p>\n<p>\u2014 PeckShield Inc. (@peckshield) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/peckshield\/status\/1574809710653571074?ref_src=twsrc%5Etfw\">September 27, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Recently, a hacker used an Ethereum (ETH) arbitrage trading bot to exploit a \u201cbad code\u201d vulnerability for draining 1,101 ETH, which was around $1.41 million at the time of writing.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"markets_outlook\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/transit-swap-loses-over-21m-due-to-internal-bug-hack-issues-apology\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Transit Swap loses over $21M due to internal bug hack, issues apology &#8220; Transit Swap, a multi-chain decentralized exchange (DEX) aggregator, lost roughly $21 million after a hacker exploited an internal bug on a swap contract. Following the revelation, Transit Swap issued an apology to the users while efforts to track down and recover&#8230;<\/p>\n","protected":false},"author":1,"featured_media":497667,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvYTVmMjJkN2UtNmYxNC00Y2NiLThjMWYtNzU2ODVhNDA0NjJiLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74877,75916,74891,74882,70944],"class_list":["post-497666","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-decentralized-exchange","tag-dex","tag-ethereum","tag-hacks","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/497666","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=497666"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/497666\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/497667"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=497666"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=497666"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=497666"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}