On October 2022, Rabby Wallet SwapRouter suffered a arbitrary call — the first of 21 documented arbitrary call incidents in our archive where the loss figure was not publicly disclosed but the exploit pattern is documented below.
Attack Mechanics: How the Rabby Wallet SwapRouter Arbitrary Call Played Out
Exploit Class Applied to Rabby Wallet SwapRouter
The Rabby Wallet SwapRouter incident on October 11, 2022 is classified as a Arbitrary Call. The contract executes an external call with attacker-controlled target or calldata, letting them impersonate the contract. In the full archive, Rabby Wallet SwapRouter is 1 of 21 documented arbitrary call incidents.
Rabby Wallet SwapRouter in Context
The Rabby Wallet SwapRouter incident joins a class whose largest loss to date is Seneca (2024) at $6M.
Prior Arbitrary Call Before Rabby Wallet SwapRouter
The nearest arbitrary call incident before Rabby Wallet SwapRouter was MEVBOT, 13 days earlier on September 28, 2022 ($1.47M lost). The same exploit class surfaced again within the arbitrary call attack surface.
Rabby Wallet SwapRouter Vulnerability Signature
The primary source categorises the Rabby Wallet SwapRouter exploit specifically as “Arbitrary External Call Vulnerability”. This narrower label is entity-specific: it reflects how the Rabby Wallet SwapRouter contract failed, rather than the broad arbitrary call pattern alone.
Impact & Recovery for Rabby Wallet SwapRouter
Rabby Wallet SwapRouter Loss Figure
The loss figure for Rabby Wallet SwapRouter is not publicly disclosed. The primary source reports the exploit in non-USD terms, so no USD estimate is published here. For reference, the average loss across 21 arbitrary call incidents in our archive is $783.5K.
Timeline Since the Rabby Wallet SwapRouter Incident
The Rabby Wallet SwapRouter exploit occurred 3.5 years ago (1,281 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.
Primary Reference for Rabby Wallet SwapRouter
Public post-mortem / on-chain analysis for the Rabby Wallet SwapRouter incident: view source.
FAQ
How much did Rabby Wallet SwapRouter lose?
The Rabby Wallet SwapRouter loss figure is not publicly disclosed. The primary source reports the exploit in non-USD token terms, so no USD estimate is published here.
When did the Rabby Wallet SwapRouter hack happen?
The Rabby Wallet SwapRouter exploit was recorded on October 11, 2022 — 1,281 days ago.
What type of exploit hit Rabby Wallet SwapRouter?
The Rabby Wallet SwapRouter incident is classified as a Arbitrary Call. The contract executes an external call with attacker-controlled target or calldata, letting them impersonate the contract.
How common is the Arbitrary Call pattern seen at Rabby Wallet SwapRouter?
Our archive contains 21 documented arbitrary call incidents. The Rabby Wallet SwapRouter incident is one of them.
How does Rabby Wallet SwapRouter compare to the largest Arbitrary Call attack?
The largest arbitrary call incident in our archive is Seneca (2024) at $6M. The Rabby Wallet SwapRouter loss was not publicly disclosed.
How are the firms selected for the study?
Firms listed on the Corporate Sustainability Index (CSI) from 2012 to 2016 in the Brazilian stock market's service sector.
How does mandatory NFD affect SRQ according to the study?
Mandatory NFD improves the quality of sustainability reporting.