CoW Swap, a decentralized exchange aggregator, was compromised, resulting in the loss of almost $180,000 worth of crypto assets.
According to security companies PeckShield and BlockSec, decentralized exchange aggregator CoW Swap was the victim of a significant theft in which the hacker stole over $180,000 in cash.
CoW Swap’s mission as a decentralized exchange (DEX) aggregator is to give consumers with the cheapest pricing across all DEXs. However, a hacker attacked its smart contract for trade settlement, GPv2Settlement, to steal cash.
According to PeckShield, the attacker syphoned around $180,000 worth of DAI from CoW Swap before routing the money via Tornado Cash to purchase 551 BNB. The assault targeted GPv2Settlement, a smart contract for transaction settlement that is a component of the CoW Swap alpha (GPv2) protocol.
It seems that the attacker deceived the owner of the GPv2Settlement contract into authorising the usage of the SwapGuard, which is typically prohibited. SwapGuard is a second contract utilised by CoW Swap to aid and check swap outcomes, per PeckShield. This authorization may have contributed to the attack’s success since SwapGuard permits arbitrary function calls. arbitrary function calls enable anybody with access to a smart contract to run any function inside its code.
A spokesman for BlockSec informed The Block that the contract SwapGuard has a function that may transfer funds to any address. The attacker called the public function in order to get the DAI at their address.
The CoW Swap team said that the compromised settlement contract only has access to the fees collected by the protocol once per week and that the hacker was unable to access user cash directly. The company stated that a security vulnerability occurred when a hacker compromised a solver account, a participant who competes to provide users with the best transaction pricing.
CoW Swap is unlike typical decentralized exchanges (DEXs) in that users are not required to execute deals themselves. Instead, users sign a contract to swap two tokens at a predetermined price, which is then provided to third-party “solvers.” Each solution has access to the settlement contract, which typically holds costs for one week (before being used to reward solvers).
Cow Swap quickly cancelled all permissions for the impacted contract and updated it to a new contract without arbitrary execution code capability in reaction to the security incident. Since Cow Swap does not keep user funds, the company further reassured users that their money was never in danger. The solver’s bond will cover any incurred damages.
Also Read: SOL is now the tenth most-traded coin on the market