Crypto Hack Let Hackers Steal $160 Million From Crypto Firm Wintermute

Wintermute, a crypto trading firm, has been hit by the latest crypto heist, in which more than $160 million in digital assets was stolen.

Only DeFi operations were affected by this hack, while lending and over-the-counter (OTC) services were not impacted at all.

The hack involved a series of unauthorized transactions, in which the attacker transferred 70 cryptocurrencies to their wallets. The popular ones among them are:

  • USD Coin
  • Binance USD
  • Tether USD
  • Wrapped ETH

$160 Million Hack

The founder and CEO of Wintermute, Evgeny Gaevoy, stated:

“Our defi operations have been hacked for approximately $160 million, but CEFI and OTC operations remain unaffected. As far as our liquidity goes, we have twice that much equity left.”

They also reported that a total of 90 assets had been compromised, although only two of those assets were worth more than $1 million, a figure based on a notional value. In addition, the company stressed that customers holding contracts with Wintermute market makers need not be concerned.

The exact method used to perpetrate the hack is not known at the moment. Gaevoy noted, however, that the most likely cause of the attack was a “Profanity-type exploit” in the trading wallet.

The company also admitted that it had used Profanity, a piece of software dedicated to creating Ethereum vanity addresses. The open-source project has been abandoned by its anonymous maintainer.

Wintermute’s service would be disrupted for at least one day during the maintenance period. There is an outstanding debt of more than $200 million owed by DeFi to the crypto trading firm.

Wintermute’s hack now joins the list of high-profile crypto-theft incidents reported this year.

The Wintermute breach is the latest to have occurred on DeFi protocols. This theft has been attributed to the North Korean-backed Lazarus Group, which has been found responsible for some of these thefts.

Moreover, in the course of billions of dollars of daily trades, crypto market makers and trading companies often carry debt.

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
