[ad_1]
Major liquidity provider Wintermute has become the latest cryptocurrency firm to suffer a security breach in recent months.
Attack to Be Treated as a “White Hat” Hack
Earlier this morning, CEO of Wintermute Evgeny Gaevoy took to Twitter to share the news. In a series of tweets, Gaevoy explained that only their DeFi protocols had been affected. Their CeFi and OTC activities remain up and running. About 90 assets were compromised, with a little over 160 million USD siphoned off in 13 transactions.
We’ve been hacked for about $160M in our defi operations. Cefi and OTC operations are not affected
— wishful cynic (@EvgenyGaevoy) September 20, 2022
Upon further review, blockchain security firm Cerik determined that the hack had most likely resulted from a breach in the Profanity Wallet. Profanity is a tool used to generate random wallet addresses. While it is useful for quickly creating a lot of user wallets, these addresses become increasingly easier to breach over time. Interestingly, DeFi exchange aggregator, 1Inch, discovered and reported this flaw a week prior to the hack.
The hacker then went on to loot a further 3.3 million USD from compromised Ethereum wallets generated using the Profanity tool.
A Twitter blockchain expert located the hacker’s wallet address mere hours later. The wallet showed that the hacker had already transferred well over half the stolen funds into the Curve liquidity pool.
Wintermute CEO Assuages Fears
Despite the severity of the situation, CEO Gaevoy assured users that the hack would not cripple the company’s operations. According to Gaevoy, Wintermute still has well over the stolen amount left in equity. The chief executive explained that the funds of any parties that had a material agreement with the company remained intact.
The CEO then added that users could choose to recall their loans if they felt uncomfortable with the company’s position.
Finally, Gaevoy stated that Wintermute would treat the breach as an ethical hack, and encouraged the hacker to contact them.
We are (still) open to treat this a s a white hat, so if you are the attacker – get in touch
— wishful cynic (@EvgenyGaevoy) September 20, 2022
Wintermute joins Nomad, Harmony, and Crema Finance on the ever-lengthening list of crypto firms that have seen hacks this year. In mid-August, CNBC reported that hackers had stolen nearly 2 billion USD in 2022 alone.
[ad_2]
Source link