A significant attack caused Wintermute, a well-known the crypto market maker, to lose $162.2 million, according to the CEO of the company. In this incident, a variety of bitcoin money were taken.
Wintermute CEO Announces Huge Losses after Hacking
Evgeny Gaevoy, the CEO of Wintermute, tweeted on September 20, 2022, stating that a recent breach had caused his business to sustain a large financial loss. Gaevoy acknowledged that Wintermute was “hacked for roughly $160m in defi operations” in the initial tweet (displayed below), but assured customers that their money is secure.
Over fifty cryptocurrency-based businesses, including exchanges like Binance, Kraken, and UniSwap, are given liquidity by Wintermute. It is presently one of the most well-liked algorithmic market makers in the sector, transacting daily with billions of dollars’ worth of digital assets.
It is believed that in this assault, a well-known private key vulnerability was used to steal money. The Profanity app’s vulnerability, which is present in its code, was exploited to target specific addresses. Prior to the breach, Wintermute took action to ban its Profanity DeFi accounts, however a mistake made by a human caused it to overlook one account, which was later targeted.
Due to the exploitation of this vulnerability, Gaevoy claimed in the aforementioned Twitter conversation that Wintermute will classify this as a white-hat hack. This implies that if the hacker returns the stolen money in exchange for a reward, they will not face legal consequences for the crime.
Several Cryptos Were Stolen in the Attack
Over 70 different types of cryptocurrency were taken in the Wintermute hack, including the well-known stablecoins Tether and USD Coin (USDC) (USDT). The hack resulted in the theft of about $30 million in Tether and more than $60 million in USD Coin.
The hacker’s wallet, which already has substantial sums of Ethereum and other ERC-20 tokens, received these payments. Additionally, the hacker transferred a sizable chunk of the stolen money to a liquidity pool, making it more challenging to locate and recover them.
Large-Scale Hacks in the Crypto Industry Are Nothing New
Wintermute is not the first significant cryptocurrency company to experience a breach in recent years. Through 2021 and 2022, several platforms, including liquidity providers, exchanges, and other DeFi services, lost significant sums of cryptocurrency to remote assaults.
Take Crypto.com as an illustration. In January 2022, there was a cyberattack on this sizable cryptocurrency exchange, and $35 million was lost. In June of the same year, Fei Procotol, another significant company in the sector, suffered a $80 million loss due to a bug exploitation. Over the previous ten years, millions of dollars’ worth of cryptocurrency have been stolen, and new attacks are successfully carried out each month.
The Stolen Funds of Wintermute are Still Missing
It is unknown whether Wintermute would accept the hacker’s offer to return the stolen data, despite the fact that the corporation has promised a reward for its return. The $162.2 million that was taken from Wintermute is still missing as of this writing. If a compromise can be made with the hacker, only time will tell.