Sweat Economy exploit drains 13.7B tokens (~65% supply), exposing key compromise risks and potential market impact.
Author: Akshat Thakur
29th April 2026 – An attacker drained approximately 13.71 billion SWEAT tokens from multiple Sweat Economy foundation wallets on NEAR Protocol today. The stolen tokens represent roughly 65% of the total SWEAT supply.
High Signal Summary For A Quick Glance
hrithik ( 히리틱 )
@hrithikk
@blockaid_ @SweatEconomy @NEARProtocol I’m sure this is planned hack as this is the very old project Its exit liquidity
🚨Community Alert: Ongoing exploit on @SweatEconomy on @NEARProtocol. Exploiter: 3be304b2151870b2be88b9de0b80acab921337ad152584138bd852fc6e9ae018 Largest exploit tx: DvrSMfY85Anc6AuLUmoEDkDdab7qX5NUZLu76HN8NoPn
04:55 PM·Apr 29, 2026
Meme Warzone
@memewarzone
@blockaid_ @SweatEconomy @NEARProtocol This shit needs to stop! Its f*cking up our Space! When are projects going to take security seriously? I don't say Sweat and Near are not doing everything they can but this is a pattern!
🚨Community Alert: Ongoing exploit on @SweatEconomy on @NEARProtocol. Exploiter: 3be304b2151870b2be88b9de0b80acab921337ad152584138bd852fc6e9ae018 Largest exploit tx: DvrSMfY85Anc6AuLUmoEDkDdab7qX5NUZLu76HN8NoPn
04:52 PM·Apr 29, 2026
Nozomi
@NozomiNetwork
@blockaid_ @SweatEconomy @NEARProtocol can we survive a day without any exploit??? this is the second one for today 🥲 https://t.co/ulrY2w6Ldg
🚨Community Alert: Ongoing exploit on @SweatEconomy on @NEARProtocol. Exploiter: 3be304b2151870b2be88b9de0b80acab921337ad152584138bd852fc6e9ae018 Largest exploit tx: DvrSMfY85Anc6AuLUmoEDkDdab7qX5NUZLu76HN8NoPn
04:21 PM·Apr 29, 2026
Steady attention without excessive speculation.
Blockchain security firm Blockaid flagged the Sweat Economy exploit in a public alert on X at approximately 15:53 UTC. According to Blockaid, the drain happened in a single ~30-second window starting at 13:36 UTC. Multiple foundation accounts were emptied to zero.
As of 18:00 UTC, Sweat Economy has not released a statement. The team has not paused contracts or announced any recovery plan. NEAR Foundation has also remained silent.
Blockaid’s follow-up analysis identified the exploiter address as 3be304b…9ae018 on NEAR. The largest single transaction was DvrSMfY…8NoPn.
The attacker used a custom Rust-based drainer contract. Blockaid identified the crate name as “exploit-resolve.” In under 30 seconds, the contract executed rapid, coordinated transfers from several foundation-held wallets.
After extracting the tokens, the attacker routed funds through Ref Finance, the main DEX on NEAR. From there, proceeds moved toward the Wormhole/Portal Bridge for cross-chain movement. About $20,000 in SWEAT had already been swapped to NEAR and USDC at the time of Blockaid’s report.
This was not a reentrancy attack or oracle manipulation. The exploit targeted Sweat Foundation-controlled wallets directly, according to Blockaid. The attacker appears to have gained access to multiple foundation accounts, likely through private-key compromise or prior access.
In plain terms, someone with access to the foundation’s keys triggered automated transfers using a custom drainer. This is a classic key-compromise pattern. The core SWEAT protocol and user wallets do not appear to be affected.
The exact root cause remains unknown. It could involve compromised keys, social engineering, or insider access. No details have been confirmed by the Sweat Economy team.
Sweat Economy launched in 2022 as the blockchain evolution of the Sweatcoin app. Sweatcoin, founded in 2016, rewards users for physical steps. At its peak, the app claimed over 120 million users worldwide.
The project operates a dual-token system. In-app Sweatcoin rewards accumulate from walking. On-chain SWEAT tokens live on NEAR Protocol. The model aimed to bring mainstream fitness users into crypto.
Sweat Economy had no major prior security incidents. NEAR Protocol, however, has seen other exploits in 2026. Rhea Finance suffered an oracle manipulation attack earlier this year that became one of the largest DeFi hacks of 2026.
The fact that foundation wallets held 65% of the total supply raises questions about token distribution. Concentrated holdings in project-controlled wallets create a single point of failure, as this exploit demonstrates.
Key milestones in SweatEconomy Exploit (April 29, 2026)
Multiple foundation-linked wallets are drained within ~30 seconds, marking the start of a coordinated exploit event.
Security monitors flag the attack, identifying the exploiter and reporting ~$3.46M in SWEAT extracted via a custom drainer contract.
Attacker routes funds through DeFi protocols and cross-chain bridges, converting portions into liquid assets while spreading holdings.
As of latest updates, the team has not issued a public response, pause notice, or recovery plan regarding the exploit.
Funds remain under attacker control with ongoing movement; no confirmed mitigation or compensation measures announced.
The numbers are stark. According to Blockaid, the attacker extracted approximately 13.71 billion SWEAT tokens. That represents roughly 65% of the total supply.
Post-exploit, the exploiter address now controls about 17.71 billion SWEAT. At current prices, that stash is worth approximately $3.46 million. The relatively low dollar value reflects SWEAT’s price, which trades near $0.000195.
NullTx confirmed the same figures in a detailed on-chain summary. MEXC News also reported matching numbers. All available sources align on the scale and timing of the drain, with no discrepancies.
Despite the severity of the supply drain, SWEAT’s price reaction has been surprisingly muted so far. The token traded at roughly $0.000194 to $0.000196 in the hours after the alert. That represents only a 1-2% intraday drop.
SWEAT had already been hovering near recent lows in late April. The 24-hour trading volume sat between $800,000 and $845,000, according to CoinMarketCap data. NEAR’s native token showed no material reaction tied to the incident.
If the attacker dumps the remaining SWEAT holdings, however, the price could crater. A 65% supply overhang in hostile hands creates enormous sell pressure. Traders should monitor the exploiter address for large movements.
On X, the dominant sentiment is shock and frustration. Security account @ZeroDayDevApp warned users to revoke any Sweat contract approvals immediately. Analyst @MoonCall called it “one of the biggest supply-level token events of the year.”
@sophiaHodlberg noted that the incident has not been confirmed by the SWEAT team. Some community members speculate about an insider job or exit liquidity scenario, though no evidence supports those claims.
Reddit and Telegram channels show similar alarm. Users are calling for the team to respond, with many asking whether the protocol itself remains safe for regular holders.
The immediate concern is the team’s silence. Hours after a 65% supply drain, Sweat Economy has not acknowledged the Sweat Economy exploit publicly. Comparable incidents at other protocols typically trigger emergency communications within minutes.
Holders should watch for an official response from the team. Any contract pause, token migration plan, or law enforcement engagement would signal an active recovery effort. The absence of communication raises questions about the project’s operational status.
On-chain watchers should also track the exploiter address for further swap or bridge activity. If the attacker converts the remaining SWEAT to stablecoins, the token’s price could face severe downward pressure.
This is not financial advice. Always do your own research before making any decisions based on breaking security events.
Our Crypto Talk is committed to unbiased, transparent, and true reporting to the best of our knowledge. This news article aims to provide accurate information in a timely manner. However, we advise the readers to verify facts independently and consult a professional before making any decisions based on the content since our sources could be wrong too. Check our Terms and conditions for more info.
