What Happened in the SWEAT Protocol Exploit?
The SWEAT protocol paused its token contract after an attacker exploited a vulnerability on Wednesday, briefly gaining control of roughly 13.71 billion SWEAT tokens, or about 65% of total supply.
The exploit began around 13:36 UTC, targeting the Near-based token contract and draining balances from the top 100 holder accounts. Crypto security firm Blockaid, which detected the attack, reported that multiple foundation-linked accounts were emptied within a 30-second window.
At the time of the exploit, the stolen tokens were valued at approximately $3.5 million, based on prevailing market prices.
How Did the Team Contain the Attack?
The SWEAT team moved quickly to pause the token contract and limit further damage. It also contacted crypto exchange MEXC and liquidity provider Rhea Finance, which were being used by the attacker to liquidate funds.
MEXC froze the attacker’s account, while Rhea Finance halted SWEAT trading, restricting the ability to convert stolen tokens into other assets.
Following these actions, the team confirmed that all external account balances were restored and operations returned to normal. The protocol said it will submit a formal incident report to law enforcement and conduct a full forensic review.
Investor Takeaway
What Does This Say About DeFi Security Risks?
The incident highlights how vulnerabilities in token contracts can lead to concentrated losses in a short time frame, especially when large holder accounts are targeted. The ability to drain a majority share of supply within minutes reflects ongoing structural risks in smart contract design and access control.
At the same time, the outcome shows a shift in how protocols respond to attacks. Instead of relying solely on post-incident recovery, teams are increasingly focused on real-time containment through partnerships with centralized exchanges and onchain liquidity providers.
The SWEAT team said all user balances were restored, an outcome that remains uncommon in most exploit scenarios.
Investor Takeaway
How Does This Fit Into Recent Exploit Trends?
The attack comes amid a series of large-scale incidents across DeFi. Recent cases include the $280 million exploit involving Drift and the $292 million Kelp DAO breach, both of which affected broader market confidence and total value locked across the sector.
In response, industry efforts have started to emerge to mitigate systemic risk. DeFi United, a community initiative, has been formed to help backstop losses in major incidents such as the Kelp DAO exploit.
While vulnerabilities remain a persistent issue, the SWEAT incident shows that coordinated intervention can reduce the financial impact and restore user confidence more quickly than in previous cycles.
