Crypto Thief Steals Over $180,000 from DeFi CoW Swap

Hackers recently exploited the CoW Swap decentralized exchange, siphoning over $180,000 in funds. Two wallets were used to move around $123,000 in DAI, $50,000 in BNB, and $7,400 in ETH.

Crypto service PeckShield reported on the incident and outlined how the exploit was made possible through an approval from SwapGuard for DAI spending.

It seems (1) @CoWSwap's GPv2Settlement contract has been tricked 10 days ago to approve SwapGuard for DAI spending and (2) SwapGuard was just triggered to transfer out DAI from GPv2Settlement. Here are the two related txs: https://t.co/Tb8Sk5xqMR and https://t.co/JS7ejDhiAs https://t.co/Wpbeq4UoEP pic.twitter.com/oRWIzeOLzz

— PeckShield Inc. (@peckshield) February 7, 2023

The same exploit is being fought over by others as well, and CoW Swap has yet to make an official statement.

This is the latest incident in the DeFi space, which has been the prime target for attackers since billions were stolen in 2022.

Launched last year, CoW Swap is a relatively new DEX that uses “Coincidence of Wants” to match and execute orders. It recently launched the “Surplus-Capturing” Limit Orders feature, which allows traders to set prices at which they can buy or sell assets.

The platform also made headlines when it launched the COW token airdrop. The associated Gnosis chain and its token, GNO, saw its value surge by over 50% following the announcement.

TagsCrypto