The London, England-based cryptocurrency market maker Wintermute announced becoming the target of a cyberattack and hackers stole $160 million from its DeFi (decentralized finance) operation.
On Tuesday, the company confirmed that the hack was restricted to its DeFi operations, and OTC (over the counter), lending, and Cefi services remained unaffected. However, its service may be disrupted for a day.
The algorithmic trading firm, Wintermute, was founded in 2017. Currently, it trades billions of dollars in both decentralized and centralized cryptocurrency trading platforms.
Hack Details.
According to Certik blockchain cybersecurity firm, a vulnerable private key generated by the Profanity vanity address generator is responsible for this attack. As per Certik’s analysis, the vulnerability exploited by the attackers has been known since January.
The attacker (s) used the leaked or brute-forced private key instead of leveraging a smart contract vulnerability and obtained a privilege escalation feature to specify that the “swap contract was the attacker-controlled contract.”
The Profanity vulnerability was disclosed and disclosed by 1inch Network in its blog post published on September 13th and also warned about it on Twitter.
Over $200 Million In DeFi Debt.
The company reportedly has more than $200 million in outstanding DeFi debt. The largest debt loosed by TrueFi is around $92 million Tether (USDT) and it is due to mature on 15 October 2022. Another lender is Maple Finance whom Wintermute owes $75 million in USDC and wrapped ether. The company owes $22.4 million to Clearpool.
Most of the debt issued is in stablecoins but it is unclear if the company’s mention of Equity covers digital assets too.
Targeted Assets.
Garvey explained that around 90 assets were targeted in the hack. Two of them have been notional for more than $1 million and none of them were notional for over $2.5 million. Furthermore, Gaevoy insisted that Wintermute market maker customers having agreements with the company should not worry about it.
It is worth noting that the company is considering it as a white hat event and has requested the attacker to contact them.
Wintermute is just one of the many high-profile cryptocurrency firms that have become targets of hackers in 2022. Previously, blockchain bridge Wormhole suffered $320 million in losses, and Ronin Network suffered a whopping $600 million in losses.