Giant hack in progress on Ethereum: $160 million stolen from Wintermute

One more trick – News just dropped, Wintermute, the market making platform has been the subject of a important trick. Several tens of millions of dollars were stolen.

Update on September 20 at 14:30: new elements about the cause of the hack.

$160 million stolen from Wintermute

a few hours ago, Yevgeny Gaeva the executive director of dumb winter took to Twitter to announce that platform had been hacked.

Tweet posted by Evgeny Gaevoy after the Wintermute hack.
Tweet posted by Evgeny Gaevoy after the Wintermute hack.

Thus, it revealed that 160 million dollars had been stolen in operations Challenge of the company. In fact, CeFi and OTC operations (On the counter) would not have been affected by the attack.

However, he wishes to reassure users and investors, stating that the platform is still solvent. In fact, you have more than double that amount left in principal.

AlsoYevgeny Gaeva wanted to reassure the rest of the community in the face of a potential landfill massive (collapse) of stolen assets:

“Of the 90 assets that were hacked, only two were for notional amounts greater than $1 million. So there shouldn’t be any major collapse. »

List of assets stolen during the Wintermute hack.
List of assets stolen during the Wintermute hack.

Finally, Gaevoy announced that Wintermute was ready to treat this attack as a white hat maneuver. This leaves the door open for negotiations with the attacker.

This great trick could take 7th place in the classification of the worst hacks maintained by the Rekt medium.

The hacker protects himself from censorship

Shortly after carrying out his attack, the hacker Wintermute deposited all stolen stablecoins (ie $118 million) in the group 3CRV of Curve.

Summary of the hacker's deposits on Curve.
Summary of the hacker’s deposits on Curve.

as indicated 0xtuba on Twitter, this maneuver was probably carried out to prevent Circle or Tether from freezing the stolen funds.

This colossal deposit makes the hacker the third largest holder of the 3CRV group.

Blasphemies: the wallet generator behind the hack

Obviously, as a result of this attack, several crypto researchers went looking for the causes of this hack. Quickly, they identified the trace of the Profanity rift.

Thus, 1 inch recently brought to light a flaw in the Profanity tool. In practice, Profanity is a tool that allows you to generate customizable Ethereum addresses. These custom addresses are commonly called custom addresses.

Therefore, the attacker would supposedly have managed to regenerate the private key from one of Wintermute’s hot wallets. Then, once the private key is in your possession, you could have the crypto stored in the wallet.

Mudit Gupta considers the trail of Blasphemy Rift
Mudit Gupta considers the trail of Profanity Rift – Source: Twitter.

Amounts stolen through the loophole in the Profanity tool now amount to over $170 million. At this rate, this could become one, if not the, The biggest flaw I’ve ever known Ethereum.

In parallel, 1inch revealed the flaw present in Profanity just a few days ago. The goal was to warn wallets potentially at risk. A warning that may have been put in the ear of the Wintermute hacker.

Another one bites the dust. Another giant of the crypto ecosystem bites the dust. Avoid leverage for a while and you’ll be fine. Register without delay on the reference crypto exchange platform FTX. In addition, you benefit from a return of up to 8% on all your cryptocurrencies (commercial link, see conditions on the official website).

Leave a Comment

Your email address will not be published. Required fields are marked *