RetoSwap Hack Exploits Haveno Protocol Vulnerability

RetoSwap Hack Exploits Haveno Protocol Vulnerability

First seen 25 May 2026, 16:05 UTC Halbornsmartcontractshacking.com 85% similarity 67.5

Article Content

Browse articles
ThreatCluster

On May 20, 2026, RetoSwap, a P2P decentralized exchange, was hacked, resulting in the theft of approximately 7,000 XMR (around $2.7 million). The attacker exploited a critical vulnerability in the Haveno trading protocol, allowing them to impersonate an arbitrator during multisig wallet creation. By sending a fraudulent ACK message, the attacker gained control of the arbitrator's node address, enabling them to hijack the wallet setup process. Once the victim deposited funds, the attacker drained the compromised wallet. The incident primarily affected large-scale crypto-to-crypto trades, while fiat transactions were not impacted. The stolen Monero is untraceable, complicating recovery efforts. This hack highlights the importance of thorough security audits to identify business logic errors in protocols. The current status of the stolen funds remains unresolved.

Key Points: • RetoSwap lost approximately $2.7 million due to a hack exploiting Haveno's vulnerabilities. • The attacker impersonated an arbitrator by sending a spoofed ACK message during wallet creation. • The incident underscores the need for comprehensive security audits to detect business logic errors.

ThreatCluster AI

Timeline

2026-05-20
RetoSwap hacked
An attacker exploited a vulnerability in the Haveno protocol, stealing around $2.7 million in Monero.
smartcontractshacking.com
2026-05-20
Vulnerability exploited
The attacker sent a fraudulent ACK message, impersonating the platform's arbitrator to hijack wallet creation.
Halborn

Community

Browse all →