CoW Swap, a comparatively new decentralized exchange (DEX), has been exploited. The attacker has siphoned over $180,000 in funds.

Hackers are currently exploiting the CoW Swap decentralized exchange and moving the funds. At least $123,000 in DAI, $50,000 in BNB, and $7,400 in ETH are moving using two wallets.

Crypto service PeckShield reported on the incident, detailing how the exploit actually took place:

It seems (1) @CoWSwap's GPv2Settlement contract has been tricked 10 days ago to approve SwapGuard for DAI spending and (2) SwapGuard was just triggered to transfer out DAI from GPv2Settlement. Here are the two related txs: https://t.co/Tb8Sk5xqMR and https://t.co/JS7ejDhiAs https://t.co/Wpbeq4UoEP pic.twitter.com/oRWIzeOLzz — PeckShield Inc. (@peckshield) February 7, 2023

The attacker seems to have used CoWSwap’s GPv2Settlement contract and was tricked ten days ago into approving SwapGuard for DAI spending. This was followed by using triggering SwapGuard to transfer out DAI from GPv2Settlement. The SwapGuard function reportedly allows anyone to make arbitrary function calls. The current sum that is exploited exceeds $180,000.

The exploiter appears to be active as recently as a few hours ago. Some are also reporting that others are using the same exploit, fighting over what little funds remain. CoW Swap is yet to make an official statement on the incident.

Copycats have begun fighting over the remaining scraps: https://t.co/2wnn0YCcZX — MevRefund (@MevRefund) February 7, 2023

The incident marks yet another incident in the DeFi space, which is the prime target for attackers. The DeFi market saw billions stolen in 2022, and 2023 has already seen several incidents.

What Is CoW Swap?

CoW Swap is a fairly new DEX that uses “Coincidence of Wants” as a part of its method of matching and executing orders. It combines both on-chain and off-chain transactions to execute orders.

The platform made headlines last year when it launched the airdrop for the COW token. The associated Gnosis chain and its token also benefited from this, with the GNO token rallying by over 50% after the announcement.

$COW token is finally expected to unlock around 3pm UTC today.

This will kick off a 12 week $COW liquidity mining program on @ethereum & @gnosis chain aginst $ETH and $GNO pairs.

On Ethereum $COW pool will be on @BalancerLabs & on gnosis chain it will be on @SwaprEth. — DeFi Airdrops 🦇🔊 (@defi_airdrops) March 28, 2022

More recently, CoW Swap launched “Surplus-Capturing” Limit Orders. This allows traders to set prices at which they can buy or sell assets.

Gnosis Has Evolved Over the Years

The Gnosis network, which first launched in 2015, has also seen several updates. Gnosis Safe launched SafeDAO and Safe Token in September 2022. The mission is to make ownership in web3 more accessible, collaborative, and secure. Sage was a rebranding of Gnosis Safe.

1/📢 Important News:

We are announcing a strategic funding round of $100 million led by @1kxnetwork to advance digital asset management and unlock ownership for everyone.

Read more:https://t.co/hUzlAZiXYO — Old account 👉 follow @safe (@gnosisSafe) July 12, 2022

Gnosis also experienced its own merge that saw it transition to proof-of-stake. It currently has over 100,000 validators as part of its network.