Hacks

Crypto Hack Let Hackers Stolen $160 Million From Crypto Firm Wintermute

Wintermute, a crypto trading firm, has been targeted in the latest crypto heist to steal more than $160 million in digital assets.

Only DeFi operations were affected by this hack, while lending and over-the-counter (OTC) services were not impacted at all.

An unauthorized series of transactions were involved in the hack, as well as the attacker also transferred 70 cryptocurrencies to their wallets in the process, and among them, the popular ones are:-

  • USD Coin
  • Binance USD
  • Tether USD
  • Wrapped ETH

$160 Million Hack

The founder and CEO of Wintermute, Evgeny Gaevoy stated that:-

“Our defi operations have been hacked for approximately $160 million, but CEFI and OTC operations remain unaffected. As far as our liquidity goes, we have twice that much equity left.”

They also reported that a total of 90 assets had been compromised, although only two of those assets were worth more than $1 million, a figure based on a notional value. In addition, the company stressed that customers holding contracts with Wintermute market makers need not be concerned.

A detailed explanation of the exact method used to perpetrate the hack is not known at the moment as the exact exploit is unknown. While Gaevoy noted the most likely cause of the attack was an exploit in the trading wallet, which is a “Profanity-type exploit.”

The company also admitted that Profanity, a piece of software dedicated to creating Ethereum vanity addresses, was also used by Wintermute. At the moment, its anonymous maintainer has abandoned the open-source project.

There would be a disruption to Wintermute’s service for at least one day during the maintenance period. There is an outstanding debt of more than $200 million owed by DeFi to the crypto trading firm.

Wintermute’s hack now joins the list of high-profile crypto-theft incidents reported this year including a number of high-profile heists.

This is the latest breach to have occurred on DeFi protocols, and it is known as the Wintermute breach. This theft has been attributed to the North Korean-backed Lazarus Group, which has been found responsible for some of these thefts.

Moreover, in the course of billions of dollars of daily trades, crypto market makers and trading companies often carry debt.

Download Free SWG – Secure Web Filtering – E-book

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

AT&T Reveals Massive Breach Affecting Nearly All Customers’ Call & Text Records

AT&T, one of the largest telecommunications companies in the United States, has disclosed a significant…

1 hour ago

FishXProxy Fuels Phishing Attacks with Clever Deceptive Attacks

Imagine receiving an email that looks legitimate, down to the last detail. This is the…

4 hours ago

Beware of Phishing Attack that Abuses SharePoint Servers

A massive phishing campaign exploits Microsoft SharePoint servers to host malicious PDFs containing phishing links.…

5 hours ago

Apple Warns of Users in 98 Countries of Targeted Spyware Attacks

Apple has alerted iPhone users in 98 countries about potential mercenary spyware attacks. This marks…

7 hours ago

Citrix NetScaler ADC & Gateway Impacted by regreSSHion RCE Vulnerability

Qualys discovered a critical remote unauthenticated code execution (RCE) vulnerability, CVE-2024-6387, in OpenSSH’s server (sshd).…

8 hours ago

4000+ Domains Used By FIN7 Actors Mimic Popular Brands

Russian-linked FIN7 (aka Sangria Tempest, ATK32, Carbon Spider, Coreid, ELBRUS, G0008, G0046, and GOLD NIAGARA)…

8 hours ago