Crypto Sleuth: This Is Why the Wintermute Exploit Was an Inside Job

2022-9-28 20:00

Crypto sleuth James Edwards, aka Librehash, has offered his take on the attack vector used to rob London-based crypto firm, Wintermute on Sep. 20, 2022, alleging that the attack was an inside job.

Edwards offers a theory that the knowledge to perform this attack required intimate knowledge of Wintermute’s systems, and was not simply the result of an externally owned address (EOA) calling a Wintermute smart contract compromised by Profanity, a service Wintermute used to help lower transaction costs.

Following the attack, the prevailing theory was that it originated from Profanity. Wintermute blacklisted its Profanity accounts after DEX aggregator 1inch network had highlighted a security flaw in Profanity’s code.

Through human error, the London-based company had forgotten to blacklist one account, that CEO Evgeny Gaevoy suspected allowed the hacker to make off with $120 million in so-called stablecoins, $20 million worth of bitcoin and Ether, and $20 million worth of other altcoins.

Intermediary smart contract reveals hacker needed security clearance

Edwards specifically points out that functions within an intermediary smart contract (address 1111111254fb6c44bac0bed2854e76f90643097d) are responsible for coordinating the funds’ transfer between the Wintermute smart contract (address 0x0000000ae) and the alleged hacker (address 0x0248) point to the Wintermute team as the owner of the externally owned address (EOA).

Specifically, the function within the intermediary contract reveals that funds cannot be moved without the caller validating their security clearance.

Furthermore, the Wintermute smart contract revealed two deposits from exchanges Kraken and Binance before the funds were moved to the hacker’s smart contract. Edwards believes that deposits came from exchange accounts controlled by the Wintermute team. Otherwise, at least two questions need answering: a) Would the Wintermute team have been able to withdraw funds from both exchanges into their smart contract in under two minutes after the exploit began? b)If the answer to the first question is no, how did the hacker know of Wintermute’s two exchange accounts?

Wintermute likely to pursue legal action

Following the hack, Wintermute reached out to the hacker, offering them a 10% bounty if all stolen funds were returned within 24 hours. Gaevoy also announced an investigation involving internal and external service providers.

At the time of writing, the hacker had not responded to the bounty offer, meaning that Wintermute will likely pursue legal action.

The company has made no official announcement on its intended course of action.

The Wintermute hack was the fifth-largest DeFi hack of 2022.

The post Crypto Sleuth: This Is Why the Wintermute Exploit Was an Inside Job appeared first on BeInCrypto.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Emerald Crypto (EMD) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 4.67 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0095806 (-100%)

crypto attack job inside sleuth wintermute vector

crypto attack → Результатов: 126


Crypto lending app CoinLoan completes attack tests from Blaze to enhance security

CoinLoan, a licensed crypto lending platform, recently partnered with Blaze Information Security (Blaze), a cybersecurity firm with an international presence. The goal of the collaboration with Blaze was to test CoinLoan’s infrastructure, which enhances protection for every user and helps provide the highest level of cyber defense.

2022-7-23 19:18


Blockchain data platform Chainalysis introduces ‘Crypto Incident Response Program’

Chainalysis, a blockchain data platform, today announced the launch of the Chainalysis Crypto Incident Response Service, a rapid response service for organizations that have been targeted by incidents such as a cyber attack, ransomware, market manipulation, or another type of exploit that involves a cryptocurrency theft or demand.

2022-6-23 00:23


Ukraine Says It has Received Crypto Donation Requests, Is Crypto Good For War?

Russia has launched a full-scale invasion of Ukraine on many fronts on Thursday, leading the Ukrainian government to mobilize troops, arm citizens, and appeal to foreign leaders for assistance. As world leaders have warned for weeks, Russian President Vladimir Putin has started a “unprovoked and unjustified attack” on Ukraine, according to US President Joe Biden. […]

2022-2-25 20:40


Vitalik Buterin introduces 'shared security zone;' reveals riskiest blockchain-asset combos

There are a lot of "what if" questions in crypto, and the 51% attack is a favorite one to revisit. Now, Ethereum founder Vitalik Buterin has published his latest take on the matter, as he takes a lookThe post Vitalik Buterin introduces 'shared security zone;' reveals riskiest blockchain-asset combos appeared first on AMBCrypto.

2022-1-31 13:30


Will Crypto Mining Survive Another Government Crackdown?…

Crypto mining has been an environmental  issue that cant be over looked; World governments have tried to put a lid on it but still have an uphill battle as the popularity of crypto grows. Will crypto be mining be able to last if the technology still impacts the earth on high levels ? Or will it mold with the time and adapt with the land before governments continue to attack Crypto currency.

2022-1-30 04:48