Hacker Exploits Transit Swap Aggregator And Steals Over $20 Million

Transit Swap, a decentralized exchange (DEX) aggregator, announced recently that its platform was hacked. The aggregator, which is supported by TokenPocket, a large crypto wallet in China, lost over $20 million from the exploit.

Hacker Returns 70% Of Stolen Funds 

According to Transit Swap, the attacker exploited a bug in the platform’s code. Meanwhile, the aggregator noted that it has valid information about the hacker, such as the email address, associated on-chain addresses, and IP. 

The platform apologized to users promising to track and communicate with the hacker to return the stolen funds. Also, the platform stated that it is working with various platforms like PeckShield, Bitrace, SlowMist, TokenPocket, and TransitFinance to recover the stolen funds.


Crypto Comeback Pro is the #1 cryptocurrency trading robot for investors! This trading tool has a %88 winning rate on trades and is the recommended trading software for cryptocurrency traders. Try The Trading Software For FREE Today. (Advertisement)


Meanwhile, a recent update from Transit Swap on October 2nd proves that the aggregator’s efforts were successful. According to Transit Swap, the hacker sent back 70% of the stolen funds using two addresses. 

However, the team is still fighting to recover the rest of the funds. SlowMist, a blockchain security company, stated the hacker made a profit of 1.07 million BUSD as the asset was transferred. 

Users Ask Transit Swap To Cover Up The Remaining Funds 

SlowMist also stated that: 

“During the process of token exchange, Transit Swap does not conduct stringent checks on the data that is handed in by the user. This results in the issue of arbitrary external calls. The attacker took advantage of this weakness using an arbitrary outside call in order to exploit the tokens that the users had allowed.”

Users of the platform have asked Transit Swap to make up the rest of the funds if the attacker does not return it. According to them, the DEX is responsible for the exploit.

The attack would not have been possible if the exchange had been vigilant. Moreover, this is not the only attack that has occurred in the past weeks.

This attack is the third that has occurred in the past weeks. The pattern has been similar to the previous attacks.

MEV Bot Loses Over $1.45 Million 

Usually, the hackers capitalize on a bug or faulty code to exploit these DeFi protocols and addresses. Last week, an MEV bot made more than $1 million in an arbitrage trade.

Unfortunately, the bot lost $1.45 million in just one hour. A hacker had taken advantage of a bad code in the bot to approve the transfer of the assets.

Prior to the MEV attack, Profanity recorded some attacks from hackers. The team of the 1inch network stated that addresses created by Profanity, the vanity address tool, were open to attacks.

Also, the team added that hackers have already exploited some wallet addresses. Hackers have gotten more skillful in carrying out their attacks and breaching DeFi protocols.


Crypto Comeback Pro is the #1 cryptocurrency trading robot for investors! This trading tool has a %88 winning rate on trades and is the recommended trading software for cryptocurrency traders. Try The Trading Software For FREE Today. (Advertisement)


This strengthens the need for blockchain and DeFi platforms to conduct extensive security checks before and after deploying codes.


Chip Timing Global is not responsible for the content, accuracy, quality, advertising, products or any other content posted on the site. Some of the content on this site is paid content that is not written by our authors and the views expressed do not reflect the views of this website. Any disputes you may have with brands or companies mentioned in our content will need to be taken care of directly with the specific brands and companies. The responsibility of our readers who may click links in our content and ultimately sign up for that product or service is their own. Cryptocurrencies, NFTs and Crypto Tokens are all a high-risk asset, investing in them can lead to losses. Readers should do their own research before taking any action.


Leave a Reply

Your email address will not be published. Required fields are marked *

Chip Timing Global 2021 | All Rights Reserved | ✉ Contact | Disclaimer