Blockchain security platform PeckShieldAlert has flagged a major security breach involving SwapNet, affecting users who interact through Matcha Meta. Meanwhile, attackers exploited token approvals to drain $16.8 millions in crypto.
PeckShieldAlert data reveal how disabled safety settings exposed users to unexpected losses.
According to PeckShieldAlert, the hack did not happen due to a flaw in Matcha Meta itself, but because of how some users managed token approvals.
Matcha Meta offers a One-Time Approval feature, which limits token access to a single transaction. However, users who turned off this feature and instead gave direct, long-term allowances to individual aggregator contracts exposed themselves to higher risk.
Attackers took advantage of these permanent approvals linked to SwapNet. Once access was granted, the hacker could move funds freely without needing further user confirmation. This is how wallets were drained without users actively signing new transactions.
Blockchain data shows that the attacker focused heavily on the Base network. Around $10.5 million worth of USDC was swapped for roughly 3,655 ETH. Shortly after, the attacker began bridging the funds from Base to Ethereum, a common tactic used to reduce traceability.
Additional transaction records reveal large USDC transfers exceeding $13 million, along with Uniswap V3 liquidity interactions. Altogether, PeckShieldAlert estimates that approximately $16.8 million in crypto was stolen.
Matcha Meta quickly acknowledged the incident and confirmed it is working closely with the SwapNet team. As an immediate step, SwapNet temporarily disabled its contracts to prevent further exploitation.
To protect users going forward, Matcha Meta removed the option to set direct aggregator allowances, ensuring this type of exposure cannot happen again. The platform also urged users to revoke all existing approvals outside of 0x’s One-Time Approval contracts, especially those linked to SwapNet’s router contract.
Investigations are ongoing, and both teams have promised continuous updates as they work to understand the full impact and monitor the stolen funds.
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
After nearly nine years of inactivity, an Ethereum wallet has reactivated, transferring 50,000 ETH, worth…
Japanese Bitcoin treasury company Metaplanet has revised its outlook upward, expecting 2025 revenue of about…
Bitcoin price has been under pressure since October, dropping over 30% from its all-time high…
Binance has announced the launch of six new spot trading pairs starting January 27, 2026,…
Despite being one of the popular cryptos, the Solana price is currently one of the…
Q2 2026 is close enough that positioning has started to matter again. When the market…
