NowSwap Is The Latest Hack Victim In The Recent Wave of Defi Attacks, Consequently Suffering $1m Losses

2021-09-15 17:48:39
The DeFi Hacking Trend Continues

NowSwap protocol losses $1m after it becomes the latest DeFi hack victim in the recent series of cyber-attacks on several prominent operators. According to the report by PeckShield, during the cyber attack, the hackers took 535.000 USDT and an additional 158 WETH. In order to successfully pull the hack, the attackers integrated an invalid ‘K’ value check into the contract pair of NowSwap.

Afterwards, they just did the same thing that pretty much all of the other DeFi hackers do. Converted the USDT funds to Ethereum via 1 inch, only to further transfer them to Tornado Cash.

The reason for that is because Ethernet Square operates as an anonymous trading platform. As such, it makes it practically impossible for investigators to find any essential leads in order to further develop the case. And it’s definitely not the first time that hackers use Tornado Cash in order to conveniently exchange the ‘crypto loot. Especially due to the anonymity that this service provides.

However, it seems that crypto hackers are finding new and ‘creative’ ways to bypass certain protocols and perform a cyber attack. As a matter of fact, it is safe to say each and every DeFi attack is a product of meticulous planning and observation.

Hence, it is no wonder that in the past few months there have been a number of cyber-attacks on several DeFi protocols. And with rather big consequences as well.

Other DeFi Victims

The DeFi protocol PolyNetwork is in the history books as suffering the biggest DeFi hack ever. Specifically, on the 10th of August, hackers took a whopping 610m. By overriding ‘bookkeepers’ permission, the attacker successfully transferred the $610m to three separate wallets of Binance, Ethereum and Polygon. Luckily, in this instance, the hacker returned the funds via a private key. However, it will still go down as the biggest DeFi hack of all time.

Cream Finance is also a victim of one of the biggest crypto heists so far. In fact, Cream Finance suffered two cyber-attacks this year alone. The first back in February cost the company $37.5m. The second attack in August saw Cream losing $29m. All in all, losing a total of $66.5m, in a little over six months. During the last attack in August, the hackers exploited an error in the integration of the AMP into the Cream protocol.


DAO Maker is another on the list of hacked DeFi protocols. During the August 2021 attacks, DAO lost more than $7m in USDC, affecting between 9.000 and 10.000 accounts. After successfully pulling off the scam, the hacker converted the funds into Ethereum, and simply vanished.

Neko Network is yet another victim of crypto hackers. Immediately after PolyNetwork suffered that historic attack, Neko lost more than $2m in a similar procedure. After stealing more than 1 BTCB, 2m USDT and 390.000 BUSD, the hackers relied to PancakeSwap on Binance Smart Chain to exchange the funds in BNB. However, unlike PolyNetwork, in this instance, the hacker returned a very small amount of the missing funds.

The hack on the NowSwap DeFi protocol is a clear warning sign that the companies in this line of business should take extra precautions. Considering that not a month goes by without news outlets reporting similar attack on a fellow DeFi operators. Hence, it remains to see how these protocols will deal with similar cyber attacks in the future. And will we see a more permanent solution will emerge out of this current chaos?



Related Posts

Leave a Reply