Crypto trading firm Wintermute loses $160 million in hacking incident


In the latest crypto heist to target the decentralized finance (DeFi) space, hackers have stolen digital assets worth around $160 million from crypto trading firm Wintermute.

The hack involved a series of unauthorized transactions that transferred USD Coin, Binance USD, Tether USD, Wrapped ETH and 66 other cryptocurrencies to the attacker’s wallet.

The company said its centralized finance (CeFi) and over-the-counter (OTC) operations were not affected by the security incident. It did not reveal when the hack took place.

The digital asset market maker, which provides liquidity to several crypto exchanges and platforms, warned of a disruption of its services in the coming days, but stressed that it was “solvent with twice as much than this amount in equity”.

“We are (still) open to process[ing] this as a white hat, so if you’re the attacker – get in touch with us,” company founder and CEO Evgeny Gaevoy said in a tweet.

Details surrounding the exact exploit method used to perpetrate the hack are unknown at this time, although Gaevoy said the attack was likely caused by a “Profanity-type exploit” in its trading portfolio.

Wintermute further admitted to using Profanity, an Ethereum vanity address generation tool, alongside an in-house tool to generate addresses with many leading zeros as recently as June.

The open-source project is currently abandoned by its anonymous maintainer, who goes by the name johguse, citing “fundamental security issues in private key generation.”

Incidentally, Profanity also came into the limelight last week after decentralized exchange (DEX) aggregator 1inch Network disclosed a vulnerability that could be exploited to recalculate wallet private keys from addresses created using the utility.

Subsequently, the attack vector was exploited by malicious actors to drain $3.3 million from Ethereum addresses made with Profanity on September 16, 2022.

The Wintermute breach is the latest in a series of attacks on DeFi protocols over the past few months, including those on Axie Infinity, Harmony Horizon Bridge, Nomad and Curve.Finance. Some of these thefts have been attributed to the North Korean-backed Lazarus Group.

According to a Bishop Fox report published in May 2022, security incidents hitting DeFi platforms led to losses in the order of $1.8 billion in 2021 alone, with services experiencing an average of five hacks per month.

“In most cases, the attack originated from a vulnerability in the smart contracts or in the logic of the protocol itself,” the company noted. “Another significant vector was the compromise of wallets and their private keys.”

