- Wintermute debuted in 2017, with its main focus on digital asset markets and supported and served many blockchain-based projects as well as Over-The-Counter(OTC) Trading
- On September 20th, Wintermute was experiencing a DeFi hack draining their funds from their decentralized finance systems
- They stated on September 15th that companies and individuals using Profanity should change their owners due to an underlying bug within its systems
Aside from crypto volatility, crypto hacks are notorious demerits often found within the crypto ecosystems. This has led to most cryptocurrencies having opted to buffer their blockchain security to the maximum.
From experiences like Mt Gox, hackers are still trying to learn new ways to profit through illegal means in the crypto market. The most recent and tear-dropping crypto heist set its eye on Wintermute, market -making firm that lost $160 million to the DeFi hack.
Why Wintermute, and how did it happen
Wintermute is one o the leading crypto market makers and trading platforms today. The company debuted in 2017, and its main focus was on digital asset markets and supported and served many blockchain-based projects as well as Over-The-Counter(OTC) Trading.
OTC trading generally involves a decentralized market whose participants trade numerous things. They include stocks, commodities, fiat and digital currencies directly between two or more parties without needing a central broker or exchange. This feature allowed Wintermute to benefit from the current crypto ecosystem, and they recently ventured into Decentralized finance.This potentially made Wintermute a target to hackers, and unfortunately, the worst case happened.
On September 20th, Wintermute was experiencing a DeFi hack draining their funds from their decentralized finance systems.
Etherscan, a blockchain tracking service, flagged suspicious transactions running a considerable amount of Dai stablecoin, USD Coin, Tether, Wrapped ETH and other digital currencies. This raised some concerns, and to boot, the hackers labelled the wallet address Wintermute Exploiter.
The hacker identified the various addresses within Wintermute’s Tron network. They also figured out the private keys behind them, thus enabling them to siphon funds from these addresses. This attack was technical, and the hacker had to deeply understand how the Wintermute system works from a base level. This is accomplished in various ways, such as deep diving into GitHub stored source codes.
Although the exact method is still speculation, experts have stated that the DeFi hack bypassed its blockchain security to uncover vulnerabilities in their vanity wallet addresses using a tool called Profanity. This tool creates many possible addresses until one with the correct sequence is identified.
Mudit Gupta, the chief security officer at Polygon, concurred with this speculation. It is also critical to note that 1inch, an exchange aggregator, cautioned users of vanity wallet addresses. They stated on September 15th that those companies and individuals using Profanity should change their owners due to an underlying bug within its systems. A caution not many in the crypto ecosystem took.
Way Foward for Wintermute
The crypto market has suffered extensive losses due to this hack, but not all hope is lost. This might seem like a colossal loss, but Wintermute has other ample funding. The company remains resilient as it has more equity funds to keep it running smoothly. Currently, Gaevoy, the CEO of Wintermute, is treating the DeFi hack as a white hat event. A white hat attack is generally an authorized cyber attack to determine critical vulnerabilities and flaws.
The beauty of decentralization and blockchain technology has allowed authorities to track down the hacker’s wallet successfully. It currently holds $9 million in ether(ETH) and $38 million in other ERC-20 tokens. Although the DeFi hack compromised its crypto ecosystem, its OTC and centralized finance operations were unaffected. This has enabled the firm to maintain its operations while rebuilding its DeFi security.
Wintermute has urged the hacker to come forth and return the stolen money. They will receive some form of compensation for uncovering a major security vulnerability. Far-fetched as this might seem, it is not impossible; in August 2021, a hacker identified and exploited a vulnerability within the Poly Network cross-chain bridge, stealing up to $600 million. The hacker then returned the money to the targetted companies as a show of goodwill; they stated that they merely wished for the companies to realize their security flaw and improve upon their countermeasures.
Even though the crypto market still suffered this loss, its daily operations have remained untethered. Since blockchain, Web3 and crypto are still relatively new concepts, crypto-related firms should address various security vulnerabilities. Despite these DeFi hacks causing substantial damage, they also serve as learning points on which blockchain developers and cyber security analysts can improve to continue securing the crypto ecosystem.
Read:A benchmark for blockchain networks: Cyberpunks lose 5, 2.5 ETH in a NEAR Protocol hacking attempt