Ecosystem
Wallet

SwapNet Loses $16.8M In Smart Contract Exploit

profile-alexey-bondarev
Alexey Bondarev1 hour ago
#Hackers#DeFi
SwapNet Loses $16.8M In Smart Contract Exploit

SwapNet, a decentralized exchange aggregator, lost approximately $16.8 million in cryptocurrency assets after attackers exploited a compromised router contract that had been granted persistent token approvals by users who disabled a key security feature.

What Happened: DEX Aggregator Exploit

Security firm PeckShield reported the attack, which targeted SwapNet-linked activity accessible through Matcha Meta, a meta DEX aggregator built by the 0x team. The vulnerability affected users who had opted out of 0x's One-Time Approval system, granting direct permissions to underlying aggregator contracts.

On the Base network, the attacker converted roughly $10.5 million in USDC (USDC) into approximately 3,655 Ether (ETH) before bridging the funds to Ethereum (ETH).

The maneuver is a common tactic used to complicate tracking efforts.

"We are aware of an incident with SwapNet that users may have been exposed to on Matcha Meta for those who turned off One-Time Approvals," Matcha Meta said in a statement. The platform identified SwapNet's router contract (0x616000e384Ef1C2B52f5f3A88D57a3B64F23757e) as the most urgent approval for users to revoke.

Also Read: South Korean Prosecutors Lose $47M Seized Bitcoin To Phishing Attack

Why It Matters: Persistent DeFi Vulnerabilities

The incident underscores a fundamental tension in decentralized finance between convenience and security. One-Time Approvals require users to authorize each transaction individually, reducing persistent attack surfaces but adding friction for frequent traders. Unlimited approvals offer speed at the cost of granting smart contracts ongoing access to user funds.

SwapNet has not released a technical post-mortem or indicated whether affected users will receive compensation.

The same day, security auditor Pashov flagged a separate Ethereum mainnet exploit involving roughly 37 WBTC (WBTC), worth over $3.1 million, linked to a closed-source, unverified contract deployed just 41 days earlier.

About a month ago DeFi community was shocked by Trust Wallet hack.

Trust Wallet confirmed that approximately $7 million in cryptocurrency was stolen through a compromised browser extension update. The breach affected only version 2.68 of the Chrome extension, which was released on Dec. 24. Luckily, mobile wallet users remained unaffected. Changpeng Zhao, founder of Binance, which owns Trust Wallet, said the wallet would compensate all affected users.

Read Next: Why Are Whales Buying Seeker While Smart Money Sells?

Disclaimer and Risk Warning: The information provided in this article is for educational and informational purposes only and is based on the author's opinion. It does not constitute financial, investment, legal, or tax advice. Cryptocurrency assets are highly volatile and subject to high risk, including the risk of losing all or a substantial amount of your investment. Trading or holding crypto assets may not be suitable for all investors. The views expressed in this article are solely those of the author(s) and do not represent the official policy or position of Yellow, its founders, or its executives. Always conduct your own thorough research (D.Y.O.R.) and consult a licensed financial professional before making any investment decision.
Latest News
Show All News
Will Solana Reclaim $126 After Sharp Selloff?
54 minutes ago
Solana (SOL) extended its decline below $130 after failing to hold above $132 amid broader market weakness, while technical indicators suggest the token could test support near $115 if bulls fail to d
XRP Drops Below $1.88 As Bears Take Control
1 hour ago
XRP (XRP) extended its decline below $1.88 on Monday, with technical indicators confirming bearish momentum as the cryptocurrency trades beneath its 100-hourly simple moving average amid broader weakn
ZachXBT: $40M Stolen From U.S. Marshals By Crypto Contractor's Son
2 hours ago
Blockchain investigator ZachXBT has alleged that the son of the chief executive of CMDSS, a company contracted by the U.S. Marshals Service to custody seized digital assets, is responsible for the the
Related News
ZachXBT Reports Hundreds Of Wallets Drained For Under $2,000 Each Across Multiple Chains
Jan 02, 2026
An active exploit is draining hundreds of crypto wallets across multiple blockchain networks, with losses reaching approximately $107,000 and climbing
Nexera Severely Hit, Hackers Steal $1.5 Million From Young Blockchain Protocol
Aug 07, 2024
Nexera, a blockchain protocol, got hacked. They lost $1.5 million. It's a mess. The company used to be called AllianceBlock. They tweeted about the a
April 2025 Crypto Hacks Hit $92.5M: Ethereum, BNB Chain, and Base Targeted
May 05, 2025
Decentralized finance (DeFi) protocols lost $92.5 million across 15 separate hacking incidents in April 2025. According to the latest monthly report f
UXLINK Loses $11.3 Million In Multi-Signature Wallet Hack
Sep 22, 2025
Web3 social media platform UXLINK confirmed that hackers stole $11.3 million in cryptocurrency from its multi-signature wallet, causing the company's
Trust Wallet Confirms $7M Hack Through Compromised Browser Extension
Dec 26, 2025
Trust Wallet confirmed that approximately $7 million in cryptocurrency was stolen through a compromised browser extension update. The breach affected
Related Research Articles
Why DEX Exploits Cost $3.1B in 2025: Analysis of 12 Major Hacks
Oct 27, 2025
Lately the cryptocurrency world witnessed another devastating lesson in the fragility of decentralized finance. BunniDEX, a promising decentralized
Binance Under Siege? Theory Behind $1B Crypto Meltdown Explained
Oct 13, 2025
Billions in losses. Three collapsing assets. An eight-day window of vulnerability. Inside the theory that last week's historic crypto meltdown wasn't
The Liquidity Black Box: How Market Makers Shape Prices on CEXs and DEXs
Sep 27, 2025
Professional crypto market-making now represents a sophisticated ecosystem where firms deploy advanced algorithms, massive capital, and cutting-edge t
Which EVM Wallet Should You Use in 2025? Top 13 Secure, Multi-Chain, and Beginner-Friendly Options
Oct 30, 2025
By 2025, the Ethereum Virtual Machine (EVM) ecosystem has grown exponentially, and crypto wallets have become a linchpin of Web3 usage. The number of
How to Create a DeFi Exchange in 2025: Full Guide for Crypto Entrepreneurs
Aug 04, 2025
Decentralized Finance (DeFi) has emerged as one of the most disruptive forces in the financial world, offering a bold alternative to traditional banki
Related Learn Articles
DEX Security: Protecting Users in a Decentralized World
Jan 12, 2025
Decentralized exchanges (DEXs) have emerged as a cornerstone of the cryptocurrency ecosystem, offering users unprecedented control over their assets.
Protect Your Crypto Exchange Account: Advanced Security Strategies Explained
May 19, 2025
Social engineering has become the leading threat in the cryptocurrency ecosystem, targeting human behavior instead of technical flaws to breach securi
After FTX And Mt. Gox, Yellow Network Bets On A World Without Custodial Exchanges
Jan 20, 2026
Yellow Network is preparing to launch a hybrid digital asset trading platform built on its Layer-3 mesh network infrastructure, positioning itself as
DeFi Insurance Reality Check: Can On-Chain Protection Actually Save Investors?
Sep 03, 2025
The decentralized finance revolution promised financial freedom, but it delivered something else entirely: $3.8 billion in losses from hacks and explo
Social Engineering Attacks in Crypto: 10 Proven Tips to Keep Your Digital Assets Safe
May 13, 2025
Social engineering has emerged as the predominant threat vector in the cryptocurrency ecosystem, exploiting human psychology rather than technical vul
SwapNet Loses $16.8M In Smart Contract Exploit | Yellow.com