Well-known vulnerability in private keys likely exploited in $160M Wintermute hack

Blockchain cybersecurity company Certik has said a vulnerable private key was attacked in the Wintermute hack. A vulnerability in private keys generated by the Profanity app was likely exploited. The vulnerability has been known since at least January.

The U.K.-based algorithmic crypto market maker announced the hack on Tuesday and said over-the-counter and centralized finance operations were not affected. About $162.5 million worth of cryptocurrencies were taken. “We are solvent with twice over that amount in equity left,” Wintermute CEO Evgeny Gaevoy said in a tweet.

Certik said in a blog post that the hack was due to a leaked or brute-forced private key, and not a smart contract vulnerability:

“The exploiter used a privileged function with the private key leak to specify that the swap contract was the attacker controlled contract.”

The company added that a vulnerability in the popular Profanity vanity address generator was probably at fault in the hack.

Certik noted that decentralized exchange 1inch Network disclosed the apparent Profanity vulnerability in a Sept. 13 blogpost and subsequent warning on Twitter. 1inch users spotted the vulnerability after a suspicious airdrop took place in June. 1inch said on its blog:

“Profanity is one of the most popular tools due to its high efficiency. Sadly, that could only mean that most of the Profanity wallets were secretly hacked.”

The vulnerability was blamed for the hacking of $3.3 million on Sept. 13. GitHub users spotted the issue in January 2022, leading the developer to abandon the project and then archive it on Sept. 15.

A private key is derived from a user’s seed phrase, which is a list of 12-24 words associated with a wallet that allows a user to recover the cryptocurrency in a wallet, even if the wallet is lost or deleted.

Related: Polygon CSO blames Web2 security gaps for recent spate of hacks

According to Certik, around $273.9 million has been lost this year due to compromised private keys, making the method “one of the largest attack vectors.” The Wintermute attack is by far the largest, with the Harmony Protocol hack in June coming in second at $97 million.

All Dutch and English crypto news!

Crypto Biz: The Voyager Digital auction is over. What now?

Voyager Digital filed for Chapter 11 bankruptcy in July after its exposure to the toxic Three Arrows Capital led to its ultimate downfall. This week,...

Bitcoin retests key $20K level- can bulls get a higher close?

Bitcoin price rose sharply again on Friday as a dose of volatility helped BTC add nearly $1,000 within hours to top the $20,000 mark. Indeed,...

Crypto recap 30 september: WINACTIE Bitcoin Amsterdam

In deze video behandelt Axel de laatste ontwikkelingen in de crypto markt. Dit doet hij met de onderbouwing van nieuwsberichten en technische analyses. Op deze...

Blockchain interoperability goes beyond moving data from point A to B — Axelar CEO Sergey Gorbunov

Cross-chain communication between blockchains is more than just moving data from point A to B, but how it can connect applications and users for enhanced...

Beste exchanges

Koop je crypto bij Bitvavo