fbpx
Skip to content Skip to sidebar Skip to footer

Widely-known Private Key Vulnerability Could Have Led to $160 Million Wintermute Hack

Blockchain cybersecurity firm Certik said that the Wintermute hack targeted a vulnerable private key. It was likely that there was an exploitation of a vulnerability — which was widely acknowledged since January — found in private keys produced by the Profanity app.

On Tuesday, the U.K. based algorithmic crypto market maker announced the breach and said that it has not impacted the centralized nor over-the-counter financial operations. Cryptocurrencies valued at around $162.5 million were seized. 

Evgeny Gaevoy, CEO of Wintermute, tweeted: “We are solvent with twice over that amount in equity left.”

In a blog post, Certik claimed that it was a leaked or brute-forced private key that led to the hack, instead of a smart contract vulnerability. The company continued to say that the attack was presumably caused by a vulnerability in the well-known Profanity vanity address generator.

The potential Profanity vulnerability was discovered by decentralized exchange 1inch Network in a blog post on September 13 and a subsequent warning spread on Twitter, according to Certik. 1inch users discovered the vulnerability after a dubious airdrop in June.

It was determined that the vulnerability was to blame for the $3.3 million breach on September 13. The developer abandoned the project and later archive it on September 15 after GitHub users found the issue in January 2022.

Certik stated that the private key compromise has brought $273.9 million worth of loss to the company so far this year, making it “one of the largest attack vectors”. The Harmony Protocol in June, which lost $97 million from the hack, came in second to the Wintermute attack.

Leave a comment

About NewsFirstLine

NewsFirstLine is a global leading blockchain & crypto news provider, covering daily news focused on trading and investment developments in bitcoin and crypto. We bring you expansive crypto news coverage around the world. We offer many thought leadership opinions from blockchain experts and leaders of the industry.

Subscribe to SCN

© Copyright of Novum Global Consultancy Pte Ltd {2020-2023}. All rights reserved.

Contact Us   |   T&Cs   |   Privacy Policy   |   About Us

About NewsFirstLine

NewsFirstLine is a global leading blockchain and crypto news provider, covering daily news on the latest tech and trading developments in blockchain, crypto, Web3, fintech and technology.

Follow Us On

© Copyright of Novum Global Consultancy Pte Ltd {2020, 2021}. All rights reserved.

Contact Us   |   T&Cs   |   Privacy Policy   |   About Us