The team claims that hackers stole $150,000 by exploiting a weakness in the settlement contract for CoWSwap. The money lost came from fees that the DeFi platform had collected. The good news is that none of the protocol’s user monies were impacted by the theft.
COW/USDT 4-hour chart | Source: TradingView
CoWSwap Loses $150,000 In Exploit
Official statement: https://t.co/G5P4i0PQ9n
— Hasu⚡️🤖 (@hasufl) February 7, 2023
Even though their settlement contract was affected, CoWSwap emphasized that traders do not need to “worry or rescind” transactions because of the non-custodial nature of their business.
To convince traders that the hack had been stopped, they stressed that all trading activities were atomic. Data from Dune reveals that CoWSwap had received fees of about $17.3 million before this hack.
We are aware of an issue that has impacted the fees that CoW Protocol has collected over the past week.
We have mitigated the issue and are conducting an investigation.
Traders are in no way affected.
More details to follow.
— CoW Swap | Better than the best prices (@CoWSwap) February 7, 2023
CoWSwap claims to be looking into the incident right now. Analysts’ breakdown revealed that the hacker was focused, nevertheless. They specifically targeted the CoWSwap settlement contract, which holds the payments that the protocol has been collecting during the week. The contract doesn’t deal with user payments as a safety precaution. The wallet owner must sign an order approving the transaction to gain access. The hacker won’t have access to the user’s “limit-buy amount” until after that.
On the Gnosis Protocol v2, CoWSwap collects prices from decentralized exchanges like Uniswap and other aggregators. For increased liquidity and defense against Maximal Extractable Value (MEV) assaults, orders are settled peer-to-peer or from on-chain liquidity sources using batching, where transaction sequencing is rendered unimportant.
Within hours of CoWSwap joining other DeFi protocols like Balancer, Yearn Finance, and MakerDAO in a clever push to highlight DeFi’s benefits, the attack occurred. Each participant would tweet about the other.
Read more:
- During A Cyberattack On Mailchimp, Yuga Labs’ Account Was Exposed But NFTs Are Safe
- DCG Bought CoinDesk In 2016 For $500,000 But It May Be Forced To Sell The Crypto Publication And File For Bankruptcy
- Ripple’s Fate To Be Decided As Legal Decision Looms After FTX Crash