Matcha Meta Security Flaw Leads to $16.8 Million Crypto Theft
Matcha Meta reports a SwapNet exploit impacting some users without one-time approval, prompting contract halts and security changes to prevent similar attacks.
CORE
Summary
Matcha Meta confirmed a SwapNet security incident that resulted in the theft of approximately $16.8 million. The breach affected users with one-time approval disabled, leading SwapNet to halt its contracts. Matcha Meta stated that core 0x contracts were not impacted and implemented changes to remove direct aggregator allowance setting to prevent future exploits. The incident targeted vulnerable user setups and prompted immediate security actions.
Terms & Concepts
- One-time authorization: A security feature requiring a single approval for specific account actions, reducing risk of unauthorized transactions.
- USDC: A U.S. dollar-backed stablecoin that maintains a 1:1 peg to the USD.
- Cross-chain transfer: The movement of cryptocurrency assets between different blockchain networks.