Sunday morning notifications of a cross-chain protocol losing millions.
Just like the good old days.
Transit Swap has lost $21M to a vulnerability which allowed an unknown attacker to drain the wallets of users who had approved the protocol's swap contracts.
But unfortunately for the hacker, over $1M was lost in transit… not all MEV bots are down 0xbad this week.
The team paused the affected contracts before announcing the incident on Twitter.
Then came an update that via “the joint efforts of the [@SlowMist_Team](/user/profile/SlowMist_Team) , the [@Bitrace_Team](/user/profile/Bitrace_Team) , the [@peckshield](/user/profile/peckshield) security team,” key info about the hacker, including their “IP, email address, and associated on-chain addresses” had been uncovered.
As the attacker’s anonymity began to slip away, it seems they had second thoughts. So far, over 70% of the funds have been returned.
Finding a vulnerability in an un