Friday , March 29 2024
Home / Blockchain / Crypto Market Maker Wintermute Hackers Drain $160M, Profanity Bug Suspected

Crypto Market Maker Wintermute Hackers Drain $160M, Profanity Bug Suspected

Summary:
UK-based crypto market maker Wintermute suffered a loss of approximately 0 million. In a series of tweets, the company’s founder and chief executive, Evgeny Gaevoy, revealed that the decentralized finance operations had been compromised. The centralized finance and over-the-counter verticals have not been affected. Blockchain security expert Certik recorded that 2,509,665 had been stolen over 13 transactions and speculated that the exploit could have resulted from a brute force attack on the Profanity wallet. The attacker took advantage of a leaked private key which they were able to utilize to set their malicious contract as the swap contract. Notably, the private key compromise stemmed from a vulnerability in the Profanity wallet reported last week by 1inch in a

Topics:
Chayanika Deka considers the following as important: , , ,

This could be interesting, too:

Chayanika Deka writes USDT Transaction Volume Soars on TRON DAO, Hits 2 Million Daily

Wayne Jones writes Ethereum Hits 1 Million Validators Prompting Community Concerns

Mandy Williams writes Here’s Why Bitcoin ETF Flows Will Continue for Years, According to Bitwise CIO

Andrew Throuvalas writes Vitalik Explains Ethereum’s Next Steps After Dencun Upgrade

UK-based crypto market maker Wintermute suffered a loss of approximately $160 million.

In a series of tweets, the company’s founder and chief executive, Evgeny Gaevoy, revealed that the decentralized finance operations had been compromised. The centralized finance and over-the-counter verticals have not been affected.

  • Blockchain security expert Certik recorded that $162,509,665 had been stolen over 13 transactions and speculated that the exploit could have resulted from a brute force attack on the Profanity wallet.
  • The attacker took advantage of a leaked private key which they were able to utilize to set their malicious contract as the swap contract.
  • Notably, the private key compromise stemmed from a vulnerability in the Profanity wallet reported last week by 1inch in a security disclosure report.
  • After it was detected by the decentralized exchange aggregator, a hacker stole over $3 million worth of cryptocurrencies from several Ethereum addresses generated with the Profanity tool.
  • Despite the hack, Gaevoy has assured that Wintermute, whose backers include Lightspeed Venture Partners, Pantera Capital, as well as Fidelity’s Avon, has “twice over that amount in equity left.”

“If you have a MM agreement with Wintermute, your funds are safe. There will be a disruption in our services today and potentially for the next few days and will get back to normal after. Out of 90 assets that have been hacked only two have been for notional over $1 million (and none more than $2.5M), so there shouldn’t be a major selloff of any sort. We will communicate with both affected teams asap.”

  • Blockchain expert ZachXBT has managed to locate the hacker’s wallet, which held $13 million in Wrapped Bitcoin (WBTC), over $9 million worth of ETH, and $38 million in addition to other ERC-20 tokens as of Tuesday.
  • Additionally, a significant chunk of the stolen funds – $114 million in USDC and USDT stablecoins – have been transferred to Curve Finance’s flagship 3Crv liquidity pool.
  • Wintermute nor Gaevoy has revealed any further details of the hack. Whether law enforcement has been alerted is also not known.

You Might Also Like:

Leave a Reply

Your email address will not be published. Required fields are marked *