The CEO of popular cryptocurrency market maker Wintermute announced that the platform lost $162.2 million through a huge hack. In this attack, various cryptocurrency funds were stolen.
The CEO of Wintermute reveals the huge losses caused by the hack
On September 20, 2022, Wintermute’s CEO, Evgeny Gaevoy, tweeted that his company had suffered a huge financial loss as a result of a recent hack. In an initial tweet, Gaevoy said Wintermute “hacked about $160 million in defi operations,” but assured users that their funds were safe.
Wintermute provides liquidity for more than fifty cryptocurrency-based services, particularly exchanges such as Binance, Kraken, and UniSwap. It is currently one of the most popular algorithmic market makers in the industry, dealing with billions of dollars of digital assets every day.
It is believed that in this attack, a well-known private key vulnerability was exploited to steal funds. The vulnerability exists in the code of the Profanity application and is used to attack addresses associated with the software. Prior to the hack, Wintermute had blacklisted its Profanity DeFi account, but due to human error, an account was missed in the process, which was subsequently targeted.
Gaevoy said in the aforementioned tweet that because of the exploit of this vulnerability, Wintermute will treat the incident as a white-hat hack. This means that if a hacker returns the stolen funds in exchange for a reward, there will be no legal prosecution for the theft.
Various cryptocurrencies stolen in the attack
More than 70 cryptocurrencies were stolen during the Wintermute hack, including the popular stablecoins USD Coin (USDC) and Tether (USDT). In this attack, more than $60 million in USD Coin was stolen, along with nearly $30 million in Tether.
The funds were transferred to the hacker’s wallet, which already holds a large amount of Ethereum and other ERC-20 tokens. Hackers also transfer a large portion of stolen funds into liquidity pools, making it more difficult to track and retrieve them.
Large hacks are not new in the cryptocurrency industry
Wintermute isn’t the first big cryptocurrency company to have been hacked in the last few years. Many platforms, including liquidity providers, exchanges, and other DeFi services, lost large amounts of cryptocurrency through remote attacks in 2021 and 2022.
Take Crypto.com as an example. This huge cryptocurrency exchange suffered hacking in January 2022 and $35 million was stolen. Fei Procotol, another big player in the industry, lost $80 million through an exploit in June of the same year.
Over the past decade, billions of cryptocurrencies have been stolen.
Wintermute’s stolen funds remain at large
While Wintermute has offered a reward to the hacker’s responsible party, it is not known whether the malicious actor will accept the company’s offer. At the moment, the $162.2 million stolen from Wintermute is still missing. Only time will tell if a compromise with hackers can be reached.
