10% White-Hat Bounty Window Closing for $160M Wintermute Hacker

The clock is ticking for the Wintermute hacker to return $160 million in stolen funds, after which the London-based company will take legal action.

Following the Wintermute attack on Sep. 20, 2022, the company reached out to the hacker on Etherscan after crypto sleuth ZachXBT tracked down wallet addresses containing the stolen funds.

“We want to cooperate with you and resolve this matter immediately. Accept the terms of the bounty and return the funds within 24 hours before Sep. 22 UST by 23:59 while we can still consider this a white-hat event for a 10% bounty as offered. If the stolen funds are not returned by the deadline, you will force us to remove our bounty offer and white-hat label; we will then proceed accordingly with the appropriate authorities and avenues,” the company said.

At press time, the hacker had not responded, according to Etherscan.

Human error resulted in the hack

On the day of the hack, Wintermute CEO Evgeny Gaevoy said that the hacker exploited weaknesses in a domain service called Profanity, which takes the long strings of letters and numbers used in a wallet address and turns them into so-called “vanity addresses.” Vanity addresses are personalized human-readable wallet addresses that make transactions on Ethereum simpler. The hacker was able to generate all the combinations of keys or passwords for a single vanity address, enabling them to peek into the account balances of the address. Wintermute used one of Profanity’s additional features to reduce transaction costs.

Profanity’s vulnerabilities were first highlighted in a Sep. 15, 2022 blog post by 1inch, a decentralized exchange aggregator. Wintermute responded by blacklisting Profanity accounts to prevent their liquidation but missed one through human error. The profanity account was linked to the company’s decentralized finance wallet. The hacker then exploited that single account to drain $120 million worth of stablecoins, $20 million of bitcoin and ether, and $20 million in other currencies.

Binance CEO Changpeng “CZ” Zhao had earlier commented that the Wintermute hack looked related to Profanity. “If you used vanity addresses in the past, you might want to move those funds to a different wallet,” he tweeted.

We took a calculated risk, says Wintermute CEO

Wintermute could not use proven crypto security practices such as hardware wallets or so-called “multi-sig” methods that require multiple parties to digitally sign transactions since it engages in automated trading, where transactions need to be signed in real-time. To compensate, the company chose to develop proprietary tools and security protocols.

“Ultimately, that’s the risk we took. It was calculated,” said Gaevoy. “It didn’t work out this year.

Regarding the identity of the hacker, Gaevoy said that he has some ideas on the hacker’s identity that is being internally and externally investigated. The hack is the fifth largest DeFi hack in 2022.

For Be[In]Crypto’s latest Bitcoin (BTC) analysis, click here.

The post 10% White-Hat Bounty Window Closing for $160M Wintermute Hacker appeared first on BeInCrypto.

Related Posts

Insolvency not in ‘Nexo’s reality,’ says co-founder during AMA

Co-founder Kalin Metodiev stated that comparisons between Celsius, Voyager and Nexo are “very far from reality” and that the firm is focused on building in a sustainable…

Ethereum Name Service: Here Are the 5 Most Expensive ENS Domains

Ethereum Name Service (ENS) domains have seen a sharp rise in interest over the last six months. New registrations hit 437,000 in September alone. On secondary markets…

Anchorage co-founder sees ‘tons of opportunity’ as it expands into Asia

Anchorage Digital has marked its plans for expansion into the Asian crypto market, with co-founder Diogo Mónica noting that Singapore is just a starting point. Anchorage Digital…

Federal regulators are preparing to pass judgment on Ethereum

The Securities and Exchange Commission is moving to take action against Ethereum that reaches far beyond America’s borders. Are regulators with the U.S. Securities and Exchange Commission…

Why It’s Important To Build Stablecoins On Bitcoin

Lightning Labs is building the ability to use stablecoins on the Lightning Network using the new Taro protocol due to demand in emerging markets. This is a…

SEC Chair Gensler Insists Most Crypto Tokens Are Securities — Says ‘the Law Is Clear’

The chairman of the U.S. Securities and Exchange Commission (SEC), Gary Gensler, has reiterated that most crypto tokens are securities, emphasizing that “the law is clear on…

Generated by Feedzy