BitRss.com latest World Crypto News

Search and discover the latest Cryptocurrency updated Stories in Categories

24-7 World Cryptocurrency News about Blockchain, Technology and much more, only from Top Leading Sources

DeFi Platform CoW Protocol Loses Over 550 BNB in Contract Exploit

7-2-2023 Blogs and more CryptoPotato 260 Print this Page
DeFi Platform CoW Protocol Loses Over 550 BNB in Contract Exploit
Decentralized finance (DeFi) protocol CoW Swap has suffered a smart contract exploit, leading to the loss of approximately 551 BNB ($181,600).
According to reports, the attacker added a wallet address as a “solver” of CoW Swap and invoked a transaction to approve DAI transfers to SwapGuard before moving the assets to other addresses.
A Settlement Contract Exploit
Blockchain surveyor MevRefund first noticed the attack in the early hours of today. The maximal extractable value (MEV) searcher tweeted that CoW Swap’s funds were being moved, adding that the protocol’s SwapGuard feature had been granted allowance and allowed anyone to make “arbitrary function calls.”
Within an hour, blockchain security firm PeckShield revealed that CoW Swap’s GPv2Settlement contract was tricked ten days ago, approving SwapGuard for DAI spending.
At the time of the exploit, the attacker just triggered the SwapGuard to transfer DAI out of the GPv2Settlement contract.
In a more detailed explanation, blockchain security platform BlockSec disclosed that the attacker had added a wallet address as a solver of the protocol by the multi-sig, hence, the ability to approve the transactions. Since the DAI transfer was approved from the settlement contract, the exploiter could also approve transfers to arbitrary addresses.

“A lesson learned. A contract with the interface of arbitrary call should not have any allowance, 0x55a37a2e5e5973510ac9d9c723aec213fa161919 made the mistake and approved the maximum value of DAI to SwapGuard, which is the root cause of the attack,” BlockSec said .

Over $181k Moved to Tornado Cash
Tokens transferred to the exploiter’s address include BNB, USDT, USDC, and ETH. So far, roughly 551 BNB worth over $181,000 has been moved to the OFAC-sanctioned crypto mixer Tornado Cash.
CoW Swap urged users not to worry, as the stolen funds were CoW Protocol’s accumulated fees from the past week. The platform said the issue has been mitigated and is currently under investigation.
CoW Protocol is the latest DeFi platform to suffer at the hands of daring hackers this month. CryptoPotato reported last week that Orion Protocol and BonqDAO were hacked, leading to the loss of $3 million and $10 million, respectively.
The post DeFi Platform CoW Protocol Loses Over 550 BNB in Contract Exploit appeared first on CryptoPotato .

BitRss.com shares this Contents always with License.

Thank you for Share!

    
Tumblr
LinkedIn
Reddit
VK
WhatsApp
Telegram
Cool to know huh? Read the full Article

Read the full Article:  ⭲ DeFi Platform CoW Protocol Loses Over 550 BNB in Contract Exploit


Related News


Search about Crypto News


BITRSS | CRYPTOCURRENCY WORLD NEWS

The latest Top News, only from Leading exponents of BlockChain, Bitcoin and different Accredited Crypto Currency Sources.

Since 2015, our Mission was to Share, up-to-date, those News and Information we believe to represent in an Ethical and sincere manner the current Crypto Currencies World: everything you are looking for, in one place!

We have always tried to give priority to the News; for this reason we have designed BitRss.com simple and intuitive, usable by all Devices, fast and effective.


| LEARN MORE ABOUT |

Today Most Popular News


Utility

Links


Dokky PRO - Bookcase Shop Script
All Rights Reserved BitRss World Crypto News | Market BitRss | Crypto Deals | Short Urls
Design By New Web Network | ScriptNet Solutions