The crypto industry has tried to improve the security of most crypto assets and protocols using modern technological approaches. However, the problem of exploitation in the industry is more than ever. Bad actors are exploring various ways of hacking crypto tokens.
A new crypto exploit involving CoWSwap has hit the decentralized finance (DeFi) space. As a result, the decentralized exchange (DEX) lost more than 550 BNB tokens through the solver attack.
CoWSwap Suffers Smart Contract Hack
Blockchain security company, PeckShield, is the first report exploit in one of the CoWSwap smart contracts. Subsequently, DEX has lost approximately 551 BNB tokens worth approximately $181,600 at current crypto market prices.
According to a Twitter post, the security firm suspects that fraud in the GPv2Settlement DEX contract allowed SwapGuard to dump DAI. In addition, it noted a possible vulnerability that could affect some fund transfers from the DEX platform.
After the first report, MevRefund, a blockchain surveyor, sound another danger for decentralized protocols and users. It is noted that the protocol quickly loses funds through transfers from hackers.
Furthermore, PeckShield said that the attackers transferred crypto tokens to Tornado Cash, a famous crypto mixer, to hide their traces.
BlockSec, a smart contract auditing company, give more details on exploits in CoWSwap. The auditor pointed out that DEX received additional wallet addresses from multisig as a resolver. The address causes DAI transaction authorization to SwapGuard. Therefore, SwapGuard started transferring DAI from CoWSwap settlement contracts to other crypto addresses resulting in loss of funds.
This new exploit has caused panic among some community members as they advised CoWSwap users to withdraw their consent from the protocol.
In part, CoWSwap has react for the situation through the official Twitter page calming its customers. This shows that the exploit is affected by the fees collected during the last week, which are stored in the protocol settlement contract.
According to the team, the attacker was unable to access the customer’s funds. It further notes that users can only lose money when they authorize orders that include the purchase limit amount from potential buyers. Therefore, it assures the users of the safety of their funds while informing them that there is no need to cancel the agreement.
Crypto Hacks are on the rise over the years
The crypto space has witnessed an increasing level of hacking. In particular, the decentralized finance (DeFi) space is the fastest growing space in the crypto industry due to increased transparency. However, it has suffered more attacks than others.
A new report from on-chain analytics firm, Chainalysis revealed that the DeFi protocol has become a major victim of crypto exploitation. In addition, the analytical company notes that crypto hacks in 2022 are the most significant compared to previous years. According to the company, the crypto space will lose around $3.8 billion in 2022.
Data from Chainalysis further rates the DeFi protocol for 82.1% as a victim of the cumulative stolen crypto tokens through hacks.
Furthermore, the company notes that North Korea is associated with the highest number of crypto hacks as the country has the record for the most hacks in 2022 than any other year. It has been reported that North Korea-related hacking will be worth $1.7 billion by 2022.
Featured image from Pixabay, pixelcreatures chart from TradingView.com