All About Crypto World

CoW Swap Hacker Milks Over 550 BNB Using ‘Solver’ Exploit

CoW Swap Hacker

Security Firm PeckShield Announced that the Hacker Successfully Drained about 551 BNB off CoW Swap into Tornado Cash, which was Worth around $181,600 at the hour of Writing.


Decentralized Exchange (DEX) Protocol CoW Swap recently Suffered an Attack, losing at least 550 BNB in a Contract Exploit that Approved Fund Transfers from the Protocol.

Blockchain Surveyor MevRefund Flagged the event and Recognized that the Funds Appeared to be Moving away from CoW Swap.The DEX and its users were warned of the Exploit by the MEV Searcher.

Block Sec said that a wallet address was added as asolver of CoW Swap.Then, the address conjured the transaction to approve DAI to SwapGuard, which then prompted SwapGuard transferring DAI from the CoW Swap Settlement contract to different addresses.

PeckShield, a blockchain security firm, estimated that around 551 BNB had been stolen, worth $181,600 at the time of Writing.After taking the assets, the hacker moved the funds to the notorious crypto blender Tornado Cash.

Flowchart showing movement of stolen funds
Source: PeckShield

During the attack, some members of the Community Overreacted and encouraged users to disavow approvals from the DEX. This isn’t required According to the Defi protocol.

According to CoW Swap, the settlement Contract which was Exploited just has access to the fees that the Protocol collected in seven days. The team said that it can’t Straightforwardly Access user Funds without an order Endorsed by Users.
In the mean time, despite the hacks that Encompass DeFi, the Space has had a prolific beginning in 2023 according to a report from DappRadar. Data showed that protocols saw significant growth in their Total value secured in the month of January.


Elsewhere in the World, the United Nations also Announced that North Korean Hackers have stolen more Crypto in 2022 compared to different years. The report estimates that hackers Connected to North Korea were liable for around $630 million to $1 billion in Stolen Crypto assets last year.

Spread the love