Transit Swap: Decoding the curious case of lost-and-partially found
On 1 October, 2022, Transit Swap, was the latest victim of a hack wherein the organization lost $23 million. However, within 24 hours of the attack, the DEX aggregator received 70% of the stolen $23 million. This was due to a swift response from many blockchain security firms.
The DEX aggregator lost the funds on 1 October after the hacker took advantage of an internal flaw in a swap contract. The Transit Finance team and security firms Peckshield, SlowMist, Bitrace, and TokenPocket responded quickly. Together, these organizations were able to identify the hacker’s IP address, email address, and associated-on-chain addresses.
The events of the day
Less than 24 hours after the hack, Transit Finance reported that “through combined efforts of all parties,” the hacker returned 70% of the stolen funds to two addresses. This came up to a total of $16.2 million recovered from the hacker.
According to BscScan and EtherScan, these monies were distributed as 3,180 Ethereum [ETH] worth $4.2 million, 1,500 Binance-Peg ETH worth $2 million, and 50,000 Binance Coin [BNB] worth $14.2 million.
???Updates about TransitFinance
1/5 We are here to update the latest news about TransitFinance Hacking Event. With the joint efforts of all parties, the hacker has returned about 70% of the stolen assets to the following two addresses:
— Transit Swap | Transit Buy | NFT (@TransitFinance) October 2, 2022
In its most recent update, Transit Finance stated that it was dedicated to retrieving the remaining 30% of the stolen funds.
“The project team is rushing to collect the specific data of the stolen customers and design a detailed return strategy.”
The hunt for the hacker
In addition to SlowMist, Bitrace, and TokenPocket, Peckshield joined the hunt for the hacker. According to Transit Swap, they had a tonne of trustworthy information, including the hacker’s IP, email address, and relevant on-chain addresses.
Furthermore, as of 3 October, the security companies and project teams of all parties are still keeping tabs on the hacking incident. Attempts to communicate with the hacker via email and on-chain methods are also underway. The team further promised to keep working hard to locate the rest of the stolen assets.