In today's edition of YIYL (You Invest, You Lose) we head back to the gift that keeps on giving, the so-called DEFI space, where the only thing that is DEFI'ing is logic, and the only thing that is decentralised is users getting to part ways with their money. I tend to enjoy watching people get rekt, it's a guilty pleasure for me, and I am not ashamed of it.
Some might learn that this is tuition to the school of hard knocks, recalibrate and learn; others will blame everyone but themselves and find something else to get rekt on in the future. It's a fascinating study of human psychology and how bad people are at judging risk and opportunity.
So what was the epic fail this time? Well, a so-called exchange named Transit Swap, which positions itself as a multi-chain decentralized exchange (DEX) aggregator where users can swap assets between chains, got cleaned out.
Transit Swap was always opening itself up to attack by running on 5 different blockchains and supporting multiple assets. It supports swaps on ETH, BSC, TRON, MATIC, and HECO chain by Huobi. The more blockchains and assets you connect, the more you open yourself up to a piece of code leaving you vulnerable, and that's exactly what happened.
There is only 21 million LOL
Transit Swap lost roughly $21 million after a user found a nifty back door and walked right in, exploiting an internal bug on a swap contract, and was handsomely rewarded. According to blockchain investigator PeckShield, they narrowed down the issue to a compatibility mistake in the swap contract.
Unlike some other White Hat hackers who would report it and get a fee, it looks like this one is going for the bank, and why should we blame him?
If someone leaves money open and lying on the ground, should you not pick it up? Following the embarrassment, Transit Swap issued an apology to the users while efforts to track down and recover the stolen funds are underway.
“We are deeply sorry,”
A hope of recovery
Transit Swap claims they have a lot of valid information, such as the hacker’s IP, email address, and associated on-chain addresses, and will seek to recover the funds. They have tried to reach out to the user directly and will try to communicate with the hacker and help everyone recover their losses. So we'll see if they can appeal to someone's good nature or whether they will go running to law enforcement to try and recover some of the funds.
Either way, it's still a royal cock up.