$160M Stolen from Wintermute DeFi Operations in Hack
Crypto market maker Wintermute has been the target of a hack, which resulted in a loss of $160M in its DeFi operations on September 23rd 2022.
Despite news of this most recent hack, CEO Evgeny Gaevoy maintains that the firm remains debt free ,with more than $300M in remaining equity and an assurance that the investors who have a market maker agreement with the company are safe. Gaevoy also said on Twitter that all funds are safe, and that the services will return to normal in the next few days:
“If you are a lender to Wintermute, again, we are solvent, but if you feel safer recalling the loan, we can absolutely do that.”
On the day of the hack, Wintermute gave the hacker an ultimatum, to return 90% of the funds within 24 hours, with the remaining 10% being accepted as a loss.
They did this by releasing an on-chain message on September 23 2022, which read:
“If the funds are not returned by September 23, you will force us to remove our bounty offer and we will then proceed accordingly with the appropriate authorities and avenues.”
Meanwhile, Polygon’s Head of Information Security,Mudit Gupta, explained that the hacker had taken advantage of a program called Profanity, which creates “vanity” wallet addresses that are less randomly generated than typical crypto addresses, which usually contain a totally unique string of numbers and letters. In the case of Wintermute, however, the address used was Profanity-generated and began with a number of zeros. The Co-Founder of DeFi / DEX aggregator 1inch, Anton Bukov, explained that an address like that could be taken advantage of very easily, even using typical home hardware.
He added that the address was created to save on the high gas fees on Ethereum, yet still it is not known exactly if it actually solved this issue.
The bug was identified by 1inch on September 23rd, and Wintermute promptly advised its Profanity users to move their assets out of their vanity wallets.
However, according to Gupta, Wintermute made one crucial mistake, forgetting to remove the vanity address as an administrator of the smart contract, which the hacker then emptied.
Crypto analytics firm Arkham Intelligence stated that the hack was done in 45 minutes, and is the 7th largest in DeFi history.
Source: twitter.com
analyst opinion
Eda Tutkun
Despite news of this most recent hack, CEO Evgeny Gaevoy maintains that the firm remains debt free ,with more than $300M in remaining equity and an assurance that the investors who have a market maker agreement with the company are safe. Gaevoy also said on Twitter that all funds are safe, and that the services will return to normal in the next few days:
“If you are a lender to Wintermute, again, we are solvent, but if you feel safer recalling the loan, we can absolutely do that.”
On the day of the hack, Wintermute gave the hacker an ultimatum, to return 90% of the funds within 24 hours, with the remaining 10% being accepted as a loss.
They did this by releasing an on-chain message on September 23 2022, which read:
“If the funds are not returned by September 23, you will force us to remove our bounty offer and we will then proceed accordingly with the appropriate authorities and avenues.”
Meanwhile, Polygon’s Head of Information Security,Mudit Gupta, explained that the hacker had taken advantage of a program called Profanity, which creates “vanity” wallet addresses that are less randomly generated than typical crypto addresses, which usually contain a totally unique string of numbers and letters. In the case of Wintermute, however, the address used was Profanity-generated and began with a number of zeros. The Co-Founder of DeFi / DEX aggregator 1inch, Anton Bukov, explained that an address like that could be taken advantage of very easily, even using typical home hardware.
He added that the address was created to save on the high gas fees on Ethereum, yet still it is not known exactly if it actually solved this issue.
The bug was identified by 1inch on September 23rd, and Wintermute promptly advised its Profanity users to move their assets out of their vanity wallets.
However, according to Gupta, Wintermute made one crucial mistake, forgetting to remove the vanity address as an administrator of the smart contract, which the hacker then emptied.
Crypto analytics firm Arkham Intelligence stated that the hack was done in 45 minutes, and is the 7th largest in DeFi history.
Source: twitter.com