Ethereum-based AirSwap detected a vulnerability in its AirSwap smart contract. The flaw was discovered by the internal security team, which noticed the flaw on Thursday. The team revealed the information through a medium post. The problem seemed to be in the mainnet of the smart contracts.
The flaw can be exploited by any attackers to perform swaps with other parties without their consent. The hacker could process the swaps without requiring the signature from the other party.
The problem was created because of a tainted code. The team reported that the code was active for less than a day and the damage was minor. Reportedly only a few addresses were affected.
The team, after detecting the issue, immediately turned back to the original smart contracts. The AirSwap Instant smart contracts were restricted. AirSwap Instant was reintroduced after a thorough check revealing that the system was no longer affected by the vulnerability.
The developing team also conducted lots of emergency procedures to minimize the damage. The team searched for affected users and started the process of de-risking. In de-risking, the management secures user data and assets without alerting the entire network.
AirSwap team also issued an apology to all affected users. The te stated that it would learn from the current situation to ensure another such accident does not occur. Moreover, the team believed that these experiences would allow it to provide a more secure and efficient trading environment.
The crypto sphere is seeing lots of hacking/criminal activity. The criminals are trying to steal cryptocurrencies any way they can, and although some have been sentenced to jail, it seems they still haven’t learned their lesson.