Crypto Market Maker Wintermute Suffered A $160M Exploit — What Happened? ⋆ ZyCrypto
As an affiliate, we may earn from qualifying purchases. We get commissions for purchases made through links on this website.
Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase
On Tuesday, cryptocurrency market marker Wintermute announced that it had lost $160 million in an exploit, becoming the latest victim in a series of high-profile hacks that have plagued the De-Fi industry to date.
in the chain tweets After the hack, Wintermute CEO Evgeny Gaevoy explained what happened, blaming the exploit in part on “internal human error”. The hack, which affected around 90 assets, involved Wintermute’s Ethereum vault, which is used for Def’s own trading.
According to Gaevoy, the attack was an “integrity-based exploit” of the company’s DeFi vault. He admitted that they had been using Profanity along with an internal tool to generate addresses, which he said would help them save on gas bills.
Profanity is an Ethereum address generation tool that was hacked last week for $3.3 million worth of cryptocurrency. According to the tool’s GitHub page, the project was abandoned a couple of years ago when “fundamental security issues with private key generation” were raised. However, after last week’s 1-inch demo, the project was marked archived to warn people against using it.
According to Gaovey, while Wintermute last generated addresses on Profanity in June before switching to a more secure key generation program, last week’s hack prompted them to move all ETH from the compromised addresses, speeding up the “old key” exit. However, in the process, they “failed to remove this address’s ability to log in and do other things,” revealing key information to the hacker, ICSI researcher Nicholas Weaver and Chief Mad Scientist tweeted.
According to Gaevoy, the DeFi vault was the only impact because it is “completely separate and independent” from the company’s CeFi and OTC operations. He further clarified that all of Wintermute’s lenders were safe, adding that they were free to cancel their loans as the company still had more than twice the stolen amount.
In the latest update, Wintermute has offered a 10% reward ($16 million USDC) of the funds taken, stating that they are still treating the exploit as a white hat attack. Gaevoy has also stated that there will be no layoffs, strategy changes, or emergency fundraisers, and that they are working with multiple references to resolve the issue “in a simple way.”
Meanwhile, the hacker’s wallet currently holds around $9 million in Ether (ETH) and over $100 million in other assets in Curve’s 3pool, presumably to avoid being blacklisted. However, Tuesday’s incident marked the first major DeFi attack since the sanctioning of crypto mixer Tornado Cash, it will be interesting to see how these funds are laundered if Wintermute does not compromise with the hacker.