Wintermute, one of the most prominent market makers in the cryptocurrency industry was hacked and the cybercriminal stole approximately $160 million worth of digital assets.
The hack involved a series of unauthorized transactions that transferred USD Coin, Binance USD, Tether USD, Wrapped ETH, and 66 other cryptocurrencies to the attacker’s wallet.
The company stated that its centralized finance (CeFi) and over-the-counter (OTC) operations have not been impacted by the security incident.
The digital asset market maker that provides liquidity to several exchanges and crypto platforms, warned of disruption to its services in the coming days, but assured that it’s “solvent with twice over that amount in equity left.”
The company’s founder and CEO, Evgeny Gaevoy tweeted that they are still open to treating this as a white hat, so the attacker can get in touch.
The exact exploit method used to perpetuate the hack is unknown at the moment, although Gaevoy said the attack was likely caused by a “Profanity-type exploit” in its trading wallet.
Wintermute acknowledged it did use Profanity, an Ethereum vanity address generation software, alongside an in-house tool to generate addresses with many zeros in front as recently as June.
The open-source project is currently abandoned by its anonymous maintainer, who goes by the moniker johguse, citing “fundamental security issues in the generation of private keys.”
The Wintermute breach is the latest attack on DeFi protocols, including that of Axie Infinity, Harmony Horizon Bridge, Nomad, and Curve.Finance in the past few months. Some of these thefts have been attributed to the North Korea-backed Lazarus Group.
Image Credits : Crypto economy