Update, Jan. 27, 9:15 am UTC: This article has been updated to add a post-mortem report from Matcha Meta and clarifications regarding the total amount lost to the SwapNet exploit.
SwapNet, one of the primary liquidity providers for decentralized exchange (DEX) aggregator Matcha Meta, suffered a security breach on Sunday, in the latest cyberattack tied to exploiting smart-contract vulnerabilities.
Matcha Meta disclosed the SwapNet breach in a post on X on Sunday, warning that users who had previously granted token approvals to SwapNet’s router contract may be at risk. The protocol urged users to immediately revoke all approvals granted to SwapNet’s router contract to prevent further losses.
SwapNet’s smart contracts were exploited for a total of $13.34 million, affecting 20 Matcha Meta users. However, users who opted for the default “One-Time Approval” setting were not affected by the exploit, said Matcha Meta in a post-mortem report published on Tuesday.
Blockchain security firm CertiK said the exploit stemmed from an “arbitrary call in @0xswapnet contract that let attacker to transfer funds approved to it.” Matcha Meta highlighted that the exposure was linked to SwapNet rather than to its own infrastructure.
Blockchain security company CertiK also estimated that around $13.3 million was taken, while PeckShield said at least $16.8 million was stolen on the Base network. Matcha Meta’s post-mortem clarified that the final loss amounted to $13.3 million, with the additional $3.4 million attributed to the Aperture Finance incident, a separate and unrelated event.
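The revocation Matcha Meta urged comes down to an ERC-20 approve(spender, 0) call on every token where the router still holds a non-zero allowance. The sketch below is an added example, not code from Matcha Meta, SwapNet or CertiK: it builds the allowance query and the revoke calldata from the standard ERC-20 function selectors, and the router address, token addresses and returned values are constructed placeholders.

```python
import re

APPROVE = "095ea7b3"    # selector of approve(address,uint256)
ALLOWANCE = "dd62ed3e"  # selector of allowance(address,address)
MAX_UINT256 = 2**256 - 1

def addr_word(addr: str) -> str:
    """Left-pad a 20-byte address to a 32-byte ABI word."""
    if not re.fullmatch(r"0x[0-9a-fA-F]{40}", addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr[2:].lower().rjust(64, "0")

def allowance_calldata(owner: str, spender: str) -> str:
    """eth_call data to send to a token contract: allowance(owner, spender)."""
    return "0x" + ALLOWANCE + addr_word(owner) + addr_word(spender)

def revoke_calldata(spender: str) -> str:
    """Transaction data for approve(spender, 0), which clears the allowance."""
    return "0x" + APPROVE + addr_word(spender) + "0" * 64

def decode_uint256(result: str) -> int:
    """Decode the single 32-byte word returned by allowance()."""
    body = result[2:] if result.startswith("0x") else result
    if len(body) != 64:
        raise ValueError("expected exactly one 32-byte word")
    return int(body, 16)

def audit(router: str, results: dict) -> list:
    """Map {token: raw allowance() result} to the revocations still needed."""
    todo = []
    for token, raw in results.items():
        amount = decode_uint256(raw)
        if amount:  # zero means nothing is left for the spender to pull
            todo.append({"token": token,
                         "exposure": "unlimited" if amount == MAX_UINT256 else amount,
                         "tx": {"to": token, "data": revoke_calldata(router)}})
    return todo

# Constructed placeholders, not real addresses or on-chain data.
ROUTER = "0x" + "11" * 20
SAMPLE = {
    "0x" + "c1" * 20: "0x" + "f" * 64,                           # unlimited approval
    "0x" + "c2" * 20: "0x" + "0" * 64,                           # allowance already zero
    "0x" + "c3" * 20: "0x" + hex(5_000_000)[2:].rjust(64, "0"),  # leftover allowance
}

if __name__ == "__main__":
    for item in audit(ROUTER, SAMPLE):
        print(item["token"], item["exposure"], item["tx"]["data"][:10])
```

Each raw value would come from an eth_call of allowance_calldata(owner, router) against the token contract; each returned tx is what the wallet owner signs to clear that allowance.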

The incident comes two weeks after another smart-contract exploit resulted in $26 million in losses from the offline computation protocol Truebit and a 99% crash for the Truebit (TRU) token, Cointelegraph reported on Jan. 8.
Smart contracts the biggest target for crypto hackers
Smart-contract flaws have emerged as the leading cause of crypto losses. Smart-contract vulnerabilities accounted for 30.5% of all the crypto exploits in 2025, with 56 cybersecurity incidents, according to SlowMist’s year-end report.
Account compromises and hacked X accounts ranked second, accounting for 24%.

Security researchers say advances in artificial intelligence are also reshaping how vulnerabilities are identified.
In December, commercially available generative AI agents using Anthropic’s Claude Opus 4.5, Claude Sonnet 4.5 and OpenAI’s GPT-5 uncovered $4.6 million worth of smart-contract exploits in existing protocols.
