The platform halted trading, but regaining trust will be much more difficult.

Anonymous crypto exchanges that operate over Tor and do not require identity verification have long been considered one of the most protected parts of the crypto market. However, the recent RetoSwap hack has shown that even privacy-focused projects remain vulnerable to complex attacks. As a result of the incident, users lost about 7,000 Monero, which at the time of the attack was valued at about $2.7 million.
RetoSwap is built on the Haveno protocol and lets users conduct P2P trades in Monero without intermediaries or KYC checks. After the attack was discovered, the platform's team urgently halted trading and launched an investigation.
According to PeckShield and the RetoSwap developers, the attacker exploited a critical error in the Aedno arbitration mechanism. The hacker posed as a legitimate arbitrator and sent fake confirmations to the system. As a result, the protocol changed the multisig wallet address to one controlled by the attacker. The funds were withdrawn even before the protected escrow-restorn was created.
The authors of the investigation believe that the attack targeted large cryptocurrency trades. Operations involving fiat currencies were presumably not affected. The attack scenario itself was unusual, since the attacker targeted not the server infrastructure but the protocol logic and the mechanism for confirming transactions.
The RetoSwap team has already released a mandatory client update to stop further operations and has blocked the onion address associated with the attack. The developers are now assessing options for helping affected users and preparing additional changes to the protocol.
The incident was another blow to the segment of decentralized services for private cryptocurrencies. RetoSwap was positioned as a safe alternative to centralized exchanges because it does not hold user funds and uses multisig contracts. However, the attack showed that even non-custodial platforms can lose funds because of errors in key protocol mechanisms.
Against the background of a series of hacks of DeFi projects and private-coin services in 2026, experts are increasingly urging developers to pay more attention to code audits and to verifying arbitration schemes. Users are advised to avoid large transactions on small platforms until fixes are published and the investigation is complete.
