A CoW exploit protocol for DEX swaps worth over $180,000 USD has been stolen- An attacker exposed CoW Swap, creating room for more than $180,000 to lose.
- Funds have been drained from the platform in DAI, ETH, and BNB.
- CoW Swap says users’ funds will not be affected as only the last week’s fees are stored on the platform.
PeckShield, a blockchain security data and analytics company, has identified a CoW Swap DEX breach that led to a $180,000 exploit by an attacker.
According to PeckShield, the CoW Swap theft began about ten days prior to the time of the report. At the time, an attacker appeared to trick CoW Swap’s GPv2Settlement contract into approving SwapGuard to spend DAI. Having achieved this, follow up the attacker by running SwapGuard to transfer the DAI from the GPv2Settlement.
It appears that (1) CoWSwap’s GPv2Settlement contract was tricked 10 days ago into agreeing to SwapGuard to spend DAI and (2) SwapGuard was triggered to transfer DAI from GPv2Settlement. Here are the two linked scripts: https://t.co/Tb8Sk5xqMR and https://t.co/JS7ejDhiAs https://t.co/Wpbeq4UoEP pic.twitter.com/oRWIzeOLzz
– PeckShield Inc. (@pecksshield) February 7, 2023
PeckShield reveals attacker transferred funds from CoW Swap…
The DEX protocol after being subjected to more than $180,000 stolen CoW swaps debuted in Coin Edition.
