Mathisen Marketing

Your Marketing Blog

Hacker Exploits Profanity’s Vanity Address to Steal $950 in ETH – crypto.news

Hacker Exploits Profanity’s Vanity Address to Steal $950 in ETH

As an affiliate, we may earn from qualifying purchases. We get commissions for purchases made through links on this website.

Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase

Just a week after the Wintermute hack, $950,000 in Ether (ETH) has been stolen from a crypto wallet via a “vanity address” exploit, according to reports published on September 26, 2022.

Vanity addresses created with profanity as targets of attack

On September 26, Peckshield, a blockchain security company tweeted that a hacker stole $950,000 worth of Ether (ETH) from a cryptocurrency wallet. The hack bore many similarities to last week’s $160 million breach of Wintermute.

PeckShield says a hacker stole 732 ETH from a cryptocurrency wallet on September 25 and mixed it with other crypto funds using a sanctioned crypto mixing service, Tornado Cash. The funds were then successfully transferred to the bad actor’s crypto wallet.

Experts have revealed that the latest heist was made possible by a weakness in the vanity address generator that was first discovered on GitHub in January 2022. The vulnerabilities became public in September when the decentralized 1-inch exchange aggregator discovered fundamental security issues with the Profanity tool. .

For the uninitiated, the Profanity tool is a vanity wallet address generator, as already mentioned. While most Ethereum wallet addresses are randomly generated, these vanity addresses are generated with a specific term, such as someone’s name, somewhere within the address.

According to 1inch, many vanity addresses created with the Profanity tool are at risk of being exploited, which would require a brute force attack. Although this attack would require a huge amount of computing power to execute, hackers still find it a rewarding exercise to carry out these attacks if there is a large amount of crypto in the wallet.

Crypto and DeFi heists continue

Security breaches and hacks have become more common in the crypto industry, with DeFi protocols taking the biggest hit so far. A week ago, hackers stole $160 million from crypto market maker Wintermute. It was later revealed that the hack was possible because one of Wintermute’s addresses had the characteristics of a vanity address, which may have been the cause of the vulnerability.

Apparently the problem is getting worse. According to reports, cybercriminal hackers have stolen over $1.9 billion worth of crypto in July 2022, which is significantly more than the $1.2 billion stolen during the same period in 2021.

Ethereum Devs Float “Undo Button” Proposal

The rise of crypto hacks in 2022 has prompted a group of researchers to formulate a new proposal for two new Ethereum token standards: ERC20R and ERC721R. The proposed new token standards are extensions of the current ERC20 and ERC721, and would now include the ability to reverse malicious transactions.

The proposed token standards would combine a token agreement with a governance agreement, with the latter being overseen by a decentralized legal system. According to the proposal, users who have become victims of hacking would be able to provide evidence supporting the suspension of the administrative smart contract.

The freeze request is then submitted to a panel of decentralized judges who vote to decide whether there is substantial evidence to freeze the funds or for another reason.

If a majority of the judges vote for a stay, the trial will begin. During the trial, both sides (the victim and the hacker) can submit their evidence to the decentralized judges, who vote again on the outcome.

While the idea has the potential to reduce the risk of data breaches, many in the crypto space have criticized the proposal, saying such initiatives go against the basic principles of blockchain technology. Some critics also pointed out that adding a translatability feature to ERC20 token contracts can make their integration into decentralized applications challenging.



Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Posts

  • Tezos Foundation partners with Unity to expand Web3 gaming reach – crypto.news

    Tezos Foundation partners with Unity to expand Web3 gaming reach – crypto.news

    Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase The Tezos Foundation has announced a professional services agreement with game engine developer Unity. A strategic partnership with Unity’s Accelerate Solutions ensures the development of the Web3 Blockchain SDK for games and dApps, according to a press release published on […]

    Read More

  • Putin wants to create new worldwide payment system

    Putin wants to create new worldwide payment system

    Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase President Putin called for a crypto- and blockchain-based payment system without the influence of banks or any third party. He also criticized the existing payment systems, calling them a weapon of the West and expensive at the same time. Over […]

    Read More

  • AAX crypto exchange deletes YouTube channel as trouble brews – crypto.news

    AAX crypto exchange deletes YouTube channel as trouble brews – crypto.news

    Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase AAX Exchange has added salt to the wounds of its users by removing it YouTube channel and videos without notice. Users of the platform have been in trouble for the past 15 days after the exchange froze its withdrawal facility […]

    Read More