70% of $23 million stolen through transit swap ‘hacks’ has been returned, says hacker

The funds returned so far have come in the form of Ether, Binance-pegged ETH and BNB ($14.2 million).

In an examination of the incident, SlowMist determined that the hacker exploited a flaw in the smart contract code of Transit Swap, which allowed tokens to be transferred directly to the hacker’s address via the transferFrom() function.

An investigation into the $23 million hack of decentralized exchange aggregator Transit Swap has revealed that around 70% of the stolen funds have been returned.

On Oct. 1, an internal flaw occurred on the DEX aggregator’s swap contract, resulting in a quick response from Transit Finance’s team and security firms Peckshield, SlowMist, Bitrace, and TokenPocket, who were able to quickly identify the hacker’s IP, email address, and associated chain addresses.

It appears these efforts have already borne fruit, as less than 24 hours after the hack, Transit Finance noted that “with joint efforts of all parties” the hacker returned 70% of the stolen assets to two addresses, equating to roughly $16.2 million.

BscScan and EtherScan said that 3,180 Ether ($4.2 million), 1,500 Binance-Peg ETH and ($2 million) and 50,000 BNB ($14.2 million) came in this round.

According to Transit Finance, the project team is currently working on gathering specific data concerning the stolen users in order to come up with a precise return plan. In addition, they are still trying to collect the last 30% of stolen money.

The security companies and project teams of all parties are still working hard to track the hacking incident and communicate with the hacker via email and on the blockchain at present. The team will continue to work hard to recover more assets,” the firm said.

An alleged $160 million crypto market maker has been hacked, according to reports.

SlowMist, a cybersecurity firm, analysed the hack and found that the smart contract code of Transit Swap was vulnerable, which allowed users’ tokens to be transferred directly to the attacker’s address.