Crypto Hack Let Hackers Stolen 0 Million From Crypto Firm Wintermute

Wintermute, a crypto trading firm, has been targeted in the latest crypto heist to steal more than $160 million in digital assets.

Only DeFi operations were affected by this hack, while lending and over-the-counter (OTC) services were not impacted at all.

An unauthorized series of transactions were involved in the hack, as well as the attacker also transferred 70 cryptocurrencies to their wallets in the process, and among them, the popular ones are:-

  • USD Coin
  • Binance USD
  • Tether USD
  • Wrapped ETH

$160 Million Hack

The founder and CEO of Wintermute, Evgeny Gaevoy stated that:-

“Our defi operations have been hacked for approximately $160 million, but CEFI and OTC operations remain unaffected. As far as our liquidity goes, we have twice that much equity left.”

They also reported that a total of 90 assets had been compromised, although only two of those assets were worth more than $1 million, a figure based on a notional value. In addition, the company stressed that customers holding contracts with Wintermute market makers need not be concerned.

A detailed explanation of the exact method used to perpetrate the hack is not known at the moment as the exact exploit is unknown. While Gaevoy noted the most likely cause of the attack was an exploit in the trading wallet, which is a “Profanity-type exploit.”

The company also admitted that Profanity, a piece of software dedicated to creating Ethereum vanity addresses, was also used by Wintermute. At the moment, its anonymous maintainer has abandoned the open-source project.

There would be a disruption to Wintermute’s service for at least one day during the maintenance period. There is an outstanding debt of more than $200 million owed by DeFi to the crypto trading firm.

Wintermute’s hack now joins the list of high-profile crypto-theft incidents reported this year including a number of high-profile heists.

This is the latest breach to have occurred on DeFi protocols, and it is known as the Wintermute breach. This theft has been attributed to the North Korean-backed Lazarus Group, which has been found responsible for some of these thefts.

Moreover, in the course of billions of dollars of daily trades, crypto market makers and trading companies often carry debt.

Download Free SWG – Secure Web Filtering – E-book

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.