Wintermute CEO, Evgeny Gaevoy has confirmed that the multi-million-dollar Wintermute hack was linked to a critical bug in the Ethereum vanity address-generating tool called Profanity.
Wintermute, a crypto asset algorithmic market maker, was on Tuesday хит for $160 million in its на определен обем, operations, Gaevoy said. More than 90 assets of different values were stolen, he added.
The hack comes a few days after 1inch обележани Profanity-generated addresses as high risk.
Profanity is a tool that lets Ethereum users create “vanity addresses” – personalized паричник addresses that contain human-readable messages, which make transfers easier.
Profanity bug leads to wallet breach
претходно, Binance CEO, Changpeng Zhao испратени on Twitter that the Wintermute exploit looked “like Profanity-related” but did not explain how.
“If you used vanity addresses in the past, you might want to move those funds to a different wallet,” he cautioned.
Polygon chief information безбедност officer Mudit Gupta corroborated the allegations with evidence.
“I took a quick look and my best guess is that it was a hot wallet compromise due to the Profanity bug that was publicly disclosed a few weeks ago,” Gupta said in a блог пост.
“The vault only allows admins to do these transfers and Wintermute’s hot wallet is an admin, as expected. Therefore, the contracts worked as expected but the admin address itself was likely compromised,” he said, adding:
“The admin address is a vanity address (starts with a bunch of zeroes) which might have been generated using the famous but buggy vanity address generating tool called Profanity.”
Crypto security company Certik also explained how the attack was carried out. “The exploiter used a privileged function with the private key leak to specify that the swap contract was the attacker-controlled contract,” the blog post read.
Vanity addresses are supposed to be impossible to replicate but hackers have found a way to reverse calculate these codes, accessing millions of dollars.
Wintermute CEO, Evgeny Gaevoy later confirmed that the hack was linked to Profanity. Evgeny broke down the incident.
“The attack was likely linked to the Profanity-type exploit of our на определен обем, trading wallet. We did use Profanity and an internal tool to generate addresses with many zeroes in front. Our reason behind this was gas optimization, not “vanity” he stated in a Твитер нишка.
The DEX has since “moved to a more secure key generation script.” “As we learned about the Profanity exploit last week, we accelerated the ‘old key’ retirement,” Gaevoy averred.
Warning ignored?
Wintermute’s hack comes a few days after DEX aggregator 1inch Network issued a warning that people whose accounts are connected to Profanity were not safe. The firm discovered a vulnerability in the popular vanity address tool, which put millions of dollars in user money at risk.
“Transfer all of your assets to a different wallet as soon as possible,” 1inch предупреди at the time. “If you used Profanity to get a vanity smart contract address, make sure to change the owners of that smart contract.”
The developer behind Profanity, known on Github as “johguse”, призна that the tool was in its current form very risky.
“I strongly advise against using this tool in its current state. The code will not receive any updates and I’ve left it in an uncompilable state. Use something else!” johguse wrote on Github.
The Wintermute attack is not the first time codes have been manipulated to steal user funds. Earlier this month, hackers stole more than $3.3 million in ETH from several Profanity-related wallet addresses using the same method, според на крипто-работник ZachXBT.
The $160 million Wintermute exploit makes it only the fifth largest DeFi hack in 2022. The exploit falls behind several key exploits this year, most notably, the $550 million Ronin Bridge hack from March this year.
За најновото на Be[In]Crypto Bitcoin (БТК) анализа, Кликни тука.
Општи услови
Сите информации содржани на нашата веб-страница се објавени со добра волја и само за општи информации. Секоја акција што читателот ја презема врз информациите што се наоѓаат на нашата веб-страница е строго на нивна опасност.
Source: https://beincrypto.com/160m-wintermute-hack-makes-top-5-2022/