In Brief
- SwapNet exploit drains $16.8M after users disabled one-time approval protections.
- Attacker swapped $10.5M USDC to ETH on Base before bridging to Ethereum.
- Matcha Meta disables affected contracts as security firms flag wider DeFi risks.
A security breach linked to SwapNet led to losses of about $16.8 million, affecting users interacting through Matcha Meta. The incident mainly impacted users who disabled one-time approvals, thereby exposing persistent token permissions.
Blockchain security firm PeckShieldAlert identified the exploit and traced the initial fund movements. The attacker targeted SwapNet router contracts that retained unlimited approvals from affected user wallets.
On the Base network, the attacker exchanged roughly $10.5 million in USDC for about 3,655 ether. Soon after, the attacker began bridging the converted assets to the Ethereum mainnet to complicate tracking.
SwapNet operates as a liquidity router used by Matcha Meta to source pricing and deep liquidity. The exploit involved abusing existing approvals rather than breaching private keys or core infrastructure.
Matcha Meta, built by the 0x team, confirmed the issue and immediately disabled affected SwapNet contracts. The platform also removed the option allowing users to grant direct approvals to third-party aggregators.
Investigation Expands as Security Firms Flag Wider Risks
Further analysis suggested the exploit stemmed from an arbitrary call vulnerability within SwapNet contracts. This flaw allowed attackers to transfer approved tokens without requesting new permissions.
Security firm BlockSec reported that multiple contracts across chains suffered losses exceeding $17 million. Affected networks included Ethereum, Arbitrum, Base, and BNB Chain, increasing the incident’s scope.
Separately, CertiK estimated the stolen funds at close to $13.3 million in USDC from related activity.
Some contracts involved remained closed-source and unverified at deployment.
Matcha Meta later confirmed that 0x core contracts were not affected by the incident.
Users relying on one-time approvals through 0x infrastructure remained unaffected.
The incident renewed scrutiny around persistent token approvals in decentralized finance.
Unlimited permissions offer convenience but increase exposure during smart contract failures.
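An added example, not from the article or from any of the projects it names: one way a wallet owner or monitoring team can find token approvals that are still live by replaying ERC-20 Approval event logs. The log dictionaries follow the common JSON-RPC layout, and every address, block number and amount in the sample data is a constructed placeholder.

```python
# Added example (not from the article): find approvals that are still live.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED_FLOOR = 2**255  # heuristic: allowances this large are effectively unlimited

def topic_to_address(topic):
    """Indexed address topics are 32 bytes, left-padded; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def current_allowances(logs):
    """Replay Approval logs in chain order; the last value per triple wins."""
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        # ERC-721 shares this topic0 but has 4 topics (indexed tokenId); skip it.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        key = (log["address"].lower(), topic_to_address(topics[1]),
               topic_to_address(topics[2]))
        state[key] = int(log["data"], 16)
    return state

def risky_approvals(logs, flagged_spenders):
    """Return live approvals that are unlimited and/or granted to a flagged spender."""
    flagged = {s.lower() for s in flagged_spenders}
    findings = []
    for (token, owner, spender), value in current_allowances(logs).items():
        if value == 0:
            continue  # approve(spender, 0) revoked it
        reasons = [r for r, hit in (("unlimited", value >= UNLIMITED_FLOOR),
                                    ("flagged-spender", spender in flagged)) if hit]
        if reasons:
            findings.append({"token": token, "owner": owner,
                             "spender": spender, "reasons": reasons})
    return findings

# Constructed sample data: every address below is a placeholder, not a real contract.
TOKEN, ROUTER, OTHER = ("0x" + c * 20 for c in ("11", "22", "33"))
ALICE, BOB, CAROL = ("0x" + c * 20 for c in ("aa", "bb", "cc"))

def _log(block, owner, spender, value):
    pad = lambda a: "0x" + "0" * 24 + a[2:]
    return {"address": TOKEN, "blockNumber": block, "logIndex": 0,
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(value, "064x")}

SAMPLE_LOGS = [_log(100, ALICE, ROUTER, 2**256 - 1), _log(101, BOB, ROUTER, 2**256 - 1),
               _log(105, BOB, ROUTER, 0), _log(102, CAROL, ROUTER, 500),
               _log(103, ALICE, OTHER, 2**256 - 1)]

if __name__ == "__main__":
    for f in risky_approvals(SAMPLE_LOGS, [ROUTER]):
        print(f["owner"], "->", f["spender"], f["reasons"])
```

Approval logs record the last value set by approve, and many tokens reduce a finite allowance on transferFrom without emitting a new event, so confirm each finding against the token's allowance(owner, spender) before acting. Revoking means calling approve(spender, 0) from the owner's wallet.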
Meanwhile, on-chain investigator ZachXBT criticized Circle’s delayed response to freeze remaining USDC. Roughly $3 million reportedly remained at addresses eligible for freezing during the response window.
The breach adds to a growing list of DeFi security failures early in 2026. Industry data shows stolen crypto funds reached record levels in recent years, increasing pressure on protocol security practices.