CoWSwap has been hacked for $150,000

The team claims that hackers stole $150,000 by exploiting a weakness in the settlement contract for CoWSwap. The money lost came from fees that the DeFi platform had collected. The good news is that none of the protocol’s user monies were impacted by the theft.


COW/USDT 4-hour chart | Source: TradingView

CoWSwap Loses $150,000 In Exploit

Even though their settlement contract was affected, CoWSwap emphasized that traders do not need to “worry or rescind” transactions because of the non-custodial nature of their business.

To convince traders that the hack had been stopped, they stressed that all trading activities were atomic. Data from Dune reveals that CoWSwap had received fees of about $17.3 million before this hack.

CoWSwap claims to be looking into the incident right now. Analysts’ breakdown revealed that the hacker was focused, nevertheless. They specifically targeted the CoWSwap settlement contract, which holds the payments that the protocol has been collecting during the week. The contract doesn’t deal with user payments as a safety precaution. The wallet owner must sign an order approving the transaction to gain access. The hacker won’t have access to the user’s “limit-buy amount” until after that.

On the Gnosis Protocol v2, CoWSwap collects prices from decentralized exchanges like Uniswap and other aggregators. For increased liquidity and defense against Maximal Extractable Value (MEV) assaults, orders are settled peer-to-peer or from on-chain liquidity sources using batching, where transaction sequencing is rendered unimportant.

Within hours of CoWSwap joining other DeFi protocols like Balancer, Yearn Finance, and MakerDAO in a clever push to highlight DeFi’s benefits, the attack occurred. Each participant would tweet about the other.

Read more:

Join us on Telegram

Follow us on Twitter

Follow us on Facebook

You might also like