​Project Transit Swap hacker recovered $14.2 million

At this time, the platform was able to return about 70% of the 21 million dollars lost in the hacking attack. They came in, ETH and BNB.

DEX-Aggregator lost money after the hacker used an internal error in the swap contract on October 1. Because of that, the project team had to react quickly with security companies Peckshield, SlowMist, Bitrace, and TokenPocket, who could soon figure out the hacker's IP address, email address, and associated chain addresses.

And apparently, nothing motivates you to get back what you stole more than the secret trick of "kicking ass." Because less than 24 hours after the hack, Transit Finance noted that "through the combined efforts of all parties," the hacker recovered 70% of the stolen assets to two addresses, amounting to approximately $16.2 million.

"Security companies and project teams from all parties are still monitoring the hacking incident and communicating with the hacker via email and on-chain methods. The team will continue to work hard to recover more assets," the project said. 

Cybersecurity firm SlowMist noted in its analysis of the incident that the hacker exploited a vulnerability in the Transit Swap smart contract code that came directly from the transferFrom() function, which essentially allowed user tokens to be transferred directly to the exploiter's address.