Wintermute Loses 160 Million USD in Major Defi Hack

[ad_1]

Major liquidity provider Wintermute has become the latest cryptocurrency firm to suffer a security breach in recent months.

Attack to Be Treated as a “White Hat” Hack

Earlier this morning, CEO of Wintermute Evgeny Gaevoy took to Twitter to share the news. In a series of tweets, Gaevoy explained that only their DeFi protocols had been affected. Their CeFi and OTC activities remain up and running. About 90 assets were compromised, with a little over 160 million USD siphoned off in 13 transactions.

We’ve been hacked for about $160M in our defi operations. Cefi and OTC operations are not affected

— wishful cynic (@EvgenyGaevoy) September 20, 2022

Upon further review, blockchain security firm Cerik determined that the hack had most likely resulted from a breach in the Profanity Wallet. Profanity is a tool used to generate random wallet addresses. While it is useful for quickly creating a lot of user wallets, these addresses become increasingly easier to breach over time. Interestingly, DeFi exchange aggregator, 1Inch, discovered and reported this flaw a week prior to the hack.

The hacker then went on to loot a further 3.3 million USD from compromised Ethereum wallets generated using the Profanity tool.

A Twitter blockchain expert located the hacker’s wallet address mere hours later. The wallet showed that the hacker had already transferred well over half the stolen funds into the Curve liquidity pool.

Wintermute CEO Assuages Fears

Despite the severity of the situation, CEO Gaevoy assured users that the hack would not cripple the company’s operations. According to Gaevoy, Wintermute still has well over the stolen amount left in equity. The chief executive explained that the funds of any parties that had a material agreement with the company remained intact.

The CEO then added that users could choose to recall their loans if they felt uncomfortable with the company’s position.

Finally, Gaevoy stated that Wintermute would treat the breach as an ethical hack, and encouraged the hacker to contact them.

We are (still) open to treat this a s a white hat, so if you are the attacker – get in touch

— wishful cynic (@EvgenyGaevoy) September 20, 2022

Wintermute joins Nomad, Harmony, and Crema Finance on the ever-lengthening list of crypto firms that have seen hacks this year. In mid-August, CNBC reported that hackers had stolen nearly 2 billion USD in 2022 alone.

Stay up to date with our latest articles

[ad_2]

Source link

What's Hot

Land Transportation Of A Boat – A Step-by-Step Guide

Child welfare algorithm faces Justice Department scrutiny

Peninsula mountain lion attack sends child to hospital

Like FTX, Celsius Used QuickBooks to Handle its Accounting

Addressable raises $7.5M to enable Web3 companies to acquire users at scale

Biswap DEX Unveils Improved AMM as Part of Its Ambitious 2023 Roadmap

Venom Ventures Fund Commits a $5 Million Strategic Investment in the Everscale Blockchain

SIMBA Chain Awarded $30M U.S. Air Force STRATFI

Veax Labs Launches Public Testnet For Its Advanced NEAR-Based DEX