Crypto Sleuth: This Is Why the Wintermute Exploit Was an Inside Job

2022-9-28 20:00

Crypto sleuth James Edwards, aka Librehash, has offered his take on the attack vector used to rob London-based crypto firm, Wintermute on Sep. 20, 2022, alleging that the attack was an inside job.

Edwards offers a theory that the knowledge to perform this attack required intimate knowledge of Wintermute’s systems, and was not simply the result of an externally owned address (EOA) calling a Wintermute smart contract compromised by Profanity, a service Wintermute used to help lower transaction costs.

Following the attack, the prevailing theory was that it originated from Profanity. Wintermute blacklisted its Profanity accounts after DEX aggregator 1inch network had highlighted a security flaw in Profanity’s code.

Through human error, the London-based company had forgotten to blacklist one account, that CEO Evgeny Gaevoy suspected allowed the hacker to make off with $120 million in so-called stablecoins, $20 million worth of bitcoin and Ether, and $20 million worth of other altcoins.

Intermediary smart contract reveals hacker needed security clearance

Edwards specifically points out that functions within an intermediary smart contract (address 1111111254fb6c44bac0bed2854e76f90643097d) are responsible for coordinating the funds’ transfer between the Wintermute smart contract (address 0x0000000ae) and the alleged hacker (address 0x0248) point to the Wintermute team as the owner of the externally owned address (EOA).

Specifically, the function within the intermediary contract reveals that funds cannot be moved without the caller validating their security clearance.

Furthermore, the Wintermute smart contract revealed two deposits from exchanges Kraken and Binance before the funds were moved to the hacker’s smart contract. Edwards believes that deposits came from exchange accounts controlled by the Wintermute team. Otherwise, at least two questions need answering: a) Would the Wintermute team have been able to withdraw funds from both exchanges into their smart contract in under two minutes after the exploit began? b)If the answer to the first question is no, how did the hacker know of Wintermute’s two exchange accounts?

Wintermute likely to pursue legal action

Following the hack, Wintermute reached out to the hacker, offering them a 10% bounty if all stolen funds were returned within 24 hours. Gaevoy also announced an investigation involving internal and external service providers.

At the time of writing, the hacker had not responded to the bounty offer, meaning that Wintermute will likely pursue legal action.

The company has made no official announcement on its intended course of action.

The Wintermute hack was the fifth-largest DeFi hack of 2022.

The post Crypto Sleuth: This Is Why the Wintermute Exploit Was an Inside Job appeared first on BeInCrypto.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

Emerald Crypto (EMD) на Currencies.ru

$ 0.0095806 (+7.58%)

Объем 24H $0

Изменеия 24h: 2.35 %, 7d: -7.78 %

Cегодня L: $0.0086651 - H: $0.0095806

Капитализация $183.154k Rank 1690

Доступно / Всего 19.117m EMD / 32m EMD

crypto attack job inside sleuth wintermute vector

233 +

Источник: beincrypto.com

crypto attack → Результатов: 126

Iran drone attack ripples through crypto markets, Bitcoin plunges 8%

After Iran's April 13 drone attack on Israel, here's how the crypto market reacted: $860 million liquidated and BTC plummeting more than 8%.

2024-4-15 20:33	Israel
crypto attack iran drone million 860 reacted

16 +

Scammers target victims with real crypto in new address poisoning attack

Blockchain analysts alarm about a novel attack vector, where bad actors are poisoning addresses with real crypto. Cyvers’ analysts have issued a warning about a newly identified phishing scam targeting crypto users, particularly those dealing with Ethereum (ETH). According to…

2024-2-17 11:15	ethereum
crypto attack analysts real poisoning targeting scam

39 +

Hacker Exploits Profanity’s Vanity Address to Steal $950 in ETH

Barely one week after the Wintermute hack, $950,000 in Ether (ETH) has been stolen from a crypto wallet through a “vanity address” exploit, according to reports on September 26, 2022. Profanity-Generated Vanity Addresses Under Attack On September 26, Peckshield, a…

2022-9-27 01:01
vanity 950 eth address september reports exploit

269 +

Revolut Fell For Social Engineering Attack, Data From 50K Users Exposed

It was Revolut’s turn. Another day, another data breach in the crypto world. About a week ago, someone inside the company’s headquarters fell for a scam. According to Revolut, the social hackers only had access to the data “for a short period of time.

2022-9-23 09:17
revolut data fell social another according inside

100 +

Oman's Indian embassy Twitter account compromised to promote XRP scam

The hackers behind the attack may have been responsible for breaching India-based crypto exchange CoinDCX’s Twitter account given the similar fake XRP giveaways.

2022-9-21 23:15	XRP
xrp twitter account responsible crypto india-based breaching

200 +

Chainalysis Aids in Recovering $30M From Axie Infinity, Ronin Hack

Over $30 million stolen during an attack on the Ronin Network this year has been recovered with the help of Chainalysis. $30 Million in Crypto Seized Chainalysis has helped law...

2022-9-9 00:42
chainalysis million ronin year seized helped law

148 +

Can Avalanche [AVAX] be a profitable bet for traders going long

Recently published CryptoLeaks blog post alleged that Ava Labs, the creator of the Avalanche blockchain, was involved in paying lawyers to “attack and harm crypto organizations and projects that migThe post Can Avalanche [AVAX] be a profitable bet for traders going long appeared first on AMBCrypto.

2022-8-31 01:30	News
avalanche long going avax traders bet profitable

250 +

Cardano’s Hoskinson Slams The US Treasury For Banning Tornado Cash

Cardano’s founder Charles Hoskinson has been the latest high-ranking crypto community member to speak out against the issue, calling out the US treasury for trying to spook software developers and attack their freedom of expression through code.

2022-8-26 01:21	Cryptocurrency News
cardano treasury hoskinson out software spook trying

224 +

Sanctioned Mixers Used to Launder Axie Infinity Funds, Reveals SlowMist Researcher

Following the $620 million attack on Axie Infinity’s Ronin sidechain, one researcher has traced fund flows to sanctioned crypto mixers. The post Sanctioned Mixers Used to Launder Axie Infinity Funds, Reveals SlowMist Researcher appeared first on BeInCrypto.

2022-8-23 21:00	Tornado Cash
infinity sanctioned axie researcher mixers launder slowmist

149 +

Now That Authorities Have Sanctioned Tornado Cash, Is Bitcoin Next?

Crypto privacy advocates were appalled when U.S. authorities sanctioned and shut down Tornado Cash. Could Bitcoin survive a similar attack?

2022-8-20 18:52
tornado bitcoin sanctioned cash authorities shut when

134 +

Now That Authorities Have Shut Down Tornado Cash, Is Bitcoin Next?

Crypto privacy advocates were appalled when U.S. authorities sanctioned and shut down Tornado Cash. Could Bitcoin survive a similar attack?

2022-8-19 18:52
down cash bitcoin shut tornado authorities sanctioned

183 +

Here's How Crypto Twitter Reacts to Attack on Tornado Cash

Netherlands Crime Agency (FIOD) arrested developer of Tornado Cash mixer after project was sanctioned by OFAC; Crypto Twitter has something to say

2022-8-13 16:48
tornado twitter crypto cash mixer sanctioned project

158 +

$190M Stolen From Nomad Bridge in “Frenzied Free-for-All” Hack

Thieves rushed to drain the bridge once news of the exploit surfaced. Unlike most other crypto hacks, stealing funds did not require in-depth programming knowledge. $190M Lost in Nomad Attack...

2022-8-2 12:32
190m bridge nomad funds stealing hacks did

155 +

How North Korea Infiltrated The Crypto Industry Using Fake LinkedIn Resumes

Per a Bloomberg report, North Korean-backed hackers might be stepping up their efforts and attack vectors against the crypto industry. Bad actors seem to be stealing resumes and information from major job listings websites to apply for jobs in the nascent sector.

2022-8-2 23:48	Crypto
resumes industry crypto north information stealing bad

222 +

Crypto lending app CoinLoan completes attack tests from Blaze to enhance security

CoinLoan, a licensed crypto lending platform, recently partnered with Blaze Information Security (Blaze), a cybersecurity firm with an international presence. The goal of the collaboration with Blaze was to test CoinLoan’s infrastructure, which enhances protection for every user and helps provide the highest level of cyber defense.

2022-7-23 19:18	security
blaze coinloan security crypto lending protection enhances

255 +

Experts Claim Cyber Attacks On Crypto Firms Will Rise, What’s Ahead?

Regarding cryptocurrency cybercrimes and attacks, North Korea is a notable region with increased activities. Many groups are posing high threats through their attack on some crypto protocols. Also, a report in June disclosed that North Korea has 7 million active hackers.

2022-7-13 23:00	North Korea
crypto attacks korea north attack threats posing

197 +

Rumors About Mt. Gox Effect On Bitcoin Resurface, Victims to Receive 150K BTC?

Victims from crypto exchange Mt. Gox hacked could finally see compensation for their lost Bitcoin. Almost a decade after an attack forced the platform to shut down, users began a long litigation process which could be which could bear fruit in the next coming months.

2022-7-8 22:28	btcusd
could victims bitcoin gox users began down

246 +

Blockchain data platform Chainalysis introduces ‘Crypto Incident Response Program’

Chainalysis, a blockchain data platform, today announced the launch of the Chainalysis Crypto Incident Response Service, a rapid response service for organizations that have been targeted by incidents such as a cyber attack, ransomware, market manipulation, or another type of exploit that involves a cryptocurrency theft or demand.

2022-6-23 00:23	Chainalysis
chainalysis response blockchain service crypto data platform

289 +

How Inverse Finance's $1.2 million exploit played out behind the scenes

The string of DeFi hacks continued to ensue in the crypto market, with the latest victim being Inverse Finance. It suffered a fresh exploit on 16 June worth $1. 2 million. It is the latest attack on thThe post How Inverse Finance's $1.

2022-6-17 13:30	News
finance inverse exploit million latest fresh suffered

232 +

Osmosis Exploiters Return $2M After Swindling $5M – New Data Surfaces

Osmosis is the latest crypto project to encounter an unexpected attack, as the looters made away with $5 million. The past few weeks haven’t been easy for crypto projects, especially exchanges.

2022-6-11 15:00	Scam
crypto osmosis million past away looters made

203 +

IRA Financial Sues Gemini Over $37M Crypto Heist

The lawsuit corroborates earlier reporting that hackers deployed a police SWAT team as “a ruse to distract IRA employees” on the day of the attack.

2022-6-8 17:56	Business
ira ruse swat police team attack day

177 +

Fear stronger than greed: The reason behind Axie Infinity's [AXS] weakness

Axie Infinity was the victim of the biggest hack in the history of crypto when it lost over $600 million, and today, it became witness to another attack after its Discord server's MEE6 bot was compromThe post Fear stronger than greed: The reason behind Axie Infinity's [AXS] weakness appeared first on AMBCrypto.

2022-5-19 09:30	News
axie infinity axs fear weakness behind stronger

496 +

Blockchain Data Indicates $10M Worth Of Ether From The Ronin Exploit In Rotation

More than 5,505 Ether of the Ronin Bridge exploitation seems to be transferred through Tornado Cash, a unique privacy crypto exchange. Blockchain data showed that the address associated with the $625 million Ronin Bridge Attack had begun transferring ether tokens valued at over $10 million.

2022-5-19 00:00	ethereum
ether ronin bridge million blockchain data 625

289 +

Op-Ed: Crypto is under attack

The markets are rocked.

The post Op-Ed: Crypto is under attack appeared first on CryptoSlate.

2022-5-14 14:00	Regulation
op-ed under attack crypto cryptoslate markets rocked

141 +

Popular Crypto Data Sites Targeted With Phishing Attack

Etherscan, CoinGecko, DeFi Pulse and other sites displayed a suspicious pop-up asking users to connect their wallets.

2022-5-14 01:07	Tech
suspicious pop-up displayed asking wallets connect users

241 +

XRP whales look for their final destination as traders go haywire

As the crypto market reels from the latest bear attack, how is one controversial top-ten coin dealing with more turmoil and conflict? XRP did produce a green candle earlier but on 11 May, a red one wThe post XRP whales look for their final destination as traders go haywire appeared first on AMBCrypto.

2022-5-12 02:30	News
xrp traders one haywire destination look whales

243 +

LUNA meltdown sparks theories and told-you-sos from crypto community

Some of you saw it coming; some of you still can't believe it's real. Was the "most significant collapse in crypto history" an attack?

2022-5-12 19:30	volatility
crypto real significant collapse attack history believe

157 +

Why The DeFi Sector Has Seen $1.57B In Exploits And Already Exceeds 2021 Record

Per a report from blockchain security firm Peck Shield, the DeFi sector has been under attack with a profitable season for bad actors. The total amount extracted from different crypto projects has already surpassed the total recorded last year.

2022-5-3 21:27	ethusd
defi total sector actors bad profitable amount

175 +

Hacker Drains $80 Million from DeFi Rari Capital and Fei Protocol, Bounty Is Offered

$80 million in crypto have been stolen as a result of a re-entrance attack against Rari Capital and Fei Protocol DeFi platforms

2022-4-30 15:07
rari capital fei protocol defi million result

185 +

Why This Ethereum Indicator Points to Bullish Continuation

Ethereum briefly bounced back from its critical support zone, but the bears resumed their attack. The second crypto by market cap has returned to an area that must be defended to prevent further losses.

2022-4-27 21:00	ethusd
ethereum cap returned market crypto second prevent

186 +

Ronin Attack Shows Cross-Chain Crypto Is a ‘Bridge’ Too Far

Last week’s $625 million exploit of the Axie Infinity sidechain underscores the risks of sacrificing decentralization for scale, Ethereum boosters say.

2022-4-6 22:45	Layer 2
underscores sidechain infinity axie risks decentralization boosters

357 +

DeFi Lender Inverse Finance Exploited for $15.6M

It is the third multimillion-dollar crypto attack to make headlines in recent days.

2022-4-3 21:24	Tech
attack crypto multimillion-dollar make headlines days recent

200 +

Hacker steals $1.8M worth of crypto and NFTs from DeFiance Capital founder

Arthur Cheong, the founder of crypto-asset fund DeFiance Capital who is also known as Arthur_0x on Crypto Twitter, became the latest target of a “social engineering attack” today, losing roughly $1.

2022-3-23 22:00	ethusd
founder arthur capital defiance crypto became latest

193 +

How This Crypto Investor Lost Millions Amid Phishing Attack, Lazarus Group Involved?

DeFiance Capital founder and crypto investor Arthur Ox was the victim of a phishing attack. Bad actors managed to compromise Ox’s hot wallet and took control of over $1. 5 million in non-fungible tokens (NFTs).

2022-3-23 21:00	hack
attack investor crypto phishing hot compromise actors

281 +

StandAgainstWar is helping war-torn Ukraine with crypto donations

The world is witnessing the largest conventional military attack in Europe since World War II. And, this severe humanitarian crisis is getting worse with each passing day. While we’re all praying foThe post StandAgainstWar is helping war-torn Ukraine with crypto donations appeared first on AMBCrypto.

2022-3-12 16:45	SPN News
donations standagainstwar crypto world helping ukraine war-torn

203 +

Nvidia Hack: How Lapsus$ Demands May Strangely Benefit Crypto Miners

Last Friday, reports of a cyberattack on Nvidia broke out. America's leading chip manufacturer confirmed a blackout on its business operations for close to 48 hours and attempted to quell panic by assuring frantic users that the attack has no effect on its service to customers.

2022-3-5 12:43	Ethereum News
nvidia quell attempted close panic hours effect

222 +

Crypto prices fall amid fears of Nuclear disaster in Europe

Europe is waking up to the news that there has been an attack involving nuclear materials in Ukraine. The post Crypto prices fall amid fears of Nuclear disaster in Europe appeared first on CryptoSlate.

2022-3-4 14:10	Price Watch
nuclear europe disaster crypto prices fall amid

201 +

Crypto prices fall amid fears of nuclear disaster in Europe

Europe is waking up to the news that there has been an attack involving nuclear materials in Ukraine. The post Crypto prices fall amid fears of nuclear disaster in Europe appeared first on CryptoSlate.

2022-3-5 14:10	Price Watch
nuclear europe disaster crypto prices fall amid

116 +

Market Wrap: Bitcoin Stabilizes Amid Geopolitical Uncertainty

Bitcoin (BTC) is attempting to pare earlier losses after Russia's unprovoked attack on Ukraine. Altcoins underperformed, and bitcoin's market cap continued to rise, suggesting a flight to safety among crypto investors.

2022-2-28 00:26	Markets
bitcoin market cap altcoins ukraine continued underperformed

100 +

Ukraine Says It has Received Crypto Donation Requests, Is Crypto Good For War?

Russia has launched a full-scale invasion of Ukraine on many fronts on Thursday, leading the Ukrainian government to mobilize troops, arm citizens, and appeal to foreign leaders for assistance. As world leaders have warned for weeks, Russian President Vladimir Putin has started a “unprovoked and unjustified attack” on Ukraine, according to US President Joe Biden. […]

2022-2-25 20:40	ukraine
ukraine president leaders crypto weeks russian warned

221 +

“Ethereum is Neutral, But I Am Not”, Says Vitalik Buterin As He Condemns Russia’s Attack On Ukraine

Many crypto market participants have been weighing in on the tension between Ukraine and Russia. The co-founder of Ethereum, Vitalik Buterin, has stated that his...

2022-2-25 19:09	vitalik buterin
vitalik buterin russia ukraine ethereum weighing tension

212 +

Ukraine Crypto: Lawmakers Legalize Cryptocurrencies As Fears Of Russian Attack Grow

Legislators have given their nod to the Ukraine crypto bill, making the use of crypto assets in the country easier as Ukraine teeters on the verge of a military confrontation with Russia. With 272 votes, the Ukrainian parliament gave its thumbs-up for the Law of Ukraine on Digital Assets.

2022-2-18 14:41
ukraine crypto assets ukrainian parliament votes russia

221 +

$320M Wormhole hack ranked as the fourth-largest one in crypto

Hacks in the decentralized finance (DeFi) sector have increased significantly over the past few years. The latest attack was on the Wormhole bridge that links the Ethereum (ETH/USD) and Solana (SOL/USD) blockchain.

2022-2-9 19:28	Cryptocurrency
usd wormhole bridge years latest attack eth

609 +

Wormhole Token Bridge Lost $321M In Crypto Heist

Wormhole token bridge that links the Ethereum and Solana blockchains, seemingly an unimportant piece of tech for its function, lost over $321 million Wednesday afternoon. This is the largest attack to date on Solana.

2022-2-3 18:15
solana wormhole lost token bridge million wednesday

174 +

Vitalik Buterin introduces 'shared security zone;' reveals riskiest blockchain-asset combos

There are a lot of "what if" questions in crypto, and the 51% attack is a favorite one to revisit. Now, Ethereum founder Vitalik Buterin has published his latest take on the matter, as he takes a lookThe post Vitalik Buterin introduces 'shared security zone;' reveals riskiest blockchain-asset combos appeared first on AMBCrypto.

2022-1-31 13:30	News
vitalik buterin combos riskiest blockchain-asset shared reveals

292 +

Will Crypto Mining Survive Another Government Crackdown?…

Crypto mining has been an environmental issue that cant be over looked; World governments have tried to put a lid on it but still have an uphill battle as the popularity of crypto grows. Will crypto be mining be able to last if the technology still impacts the earth on high levels ? Or will it mold with the time and adapt with the land before governments continue to attack Crypto currency.

2022-1-30 04:48
crypto mining governments still able grows technology

230 +

Cardano’s Charles Hoskinson Calls Out “Certain Parties” In Power For Proposing Bills Harmful To Crypto

Cryptocurrency is under attack from some influential individuals who are bent on sneaking in harmful bills through the U. S. Senate, pushing those bills to be passed as laws, and in this way bringing the entire industry to its knees.

2022-1-29 21:49	Cryptocurrency News
bills harmful those passed pushing senate sneaking

236 +

Nigerians attack Binance, trends #BinanceStopScamming

The largest crypto exchange by trading volume, Binance, is under fire from its users in Nigeria over the “unreasonable” closure of their accounts amidst other inappropriate activities carried out by the platform.

2022-1-28 13:00	Exchanges
binance closure unreasonable nigeria accounts out platform

315 +

What Went Wrong In The Crypto.com (CRO) Hack? Experts Weigh In

The Crypto. com hack is less than a week old and still very fresh in the minds of investors in the space. In what was a brief attack, the hackers were able to access a portion of users’ accounts on the platform and steal their funds.

2022-1-21 02:00
experts hack crypto accounts able users portion

196 +

дальше еще 77 новостей →

Партнеры Currencies.ru

Analogue Notcoin - TapSwap

Реклама на Currencies.ru

Самое свежее на Currencies.ru

Wintermute sees positive prospects for Bitcoin ecosystem post-halving

Wintermute's recent report reveals key details on how the Bitcoin ecosystem is projected to react after the halving.

WOO X Introduces Meme Coin, Layer 2 Index Perpetuals in Partnership With Wintermute, GMCI

Indices provider GMCI’s MEME index includes top meme coins like SHIB, PEPE and DOGE, while the L2 index monitors leading blockchain scaling tokens like MATIC, IMX and OP.

Wintermute Asia completes first block trade of options via CME Group

Wintermute Asia, a branch of the algorithmic trading firm Wintermute Group, has executed its first options block trade through CME Group, marking a significant collaboration between crypto and traditional financial markets.

Wintermute threatens lawsuit against Near Foundation over failed $11M stablecoin conversion

Evgeny Gaevoy, the CEO of Crypto market maker Wintermute, said his firm would take legal action against Near(NEAR) Foundation and Aurora Labs for failing to deliver on their promise to convert $11 million worth of USN stablecoins into Tether’s USDT.

Bitcoin defies market trends with 27% rise during geopolitical tensions

Quick Take The recent conflict in Israel has triggered a sharp market response from a wide array of assets. Bitcoin saw a significant surge of 27%, growing from around $28,000 to approximately $35,000 since Oct.

Wintermute highlights talent movement between crypto and traditional finance

At a recent CCDAS conference in London, Wintermute's co-founder, Yoann Turpin, discussed the increasing transition of professionals from crypto-focused firms to conventional financial institutions, emphasizing the implications for both sectors.

Crypto market makers’ profits rapidly shrinking amid liquidation, legal woes

Growing operational costs, lack of trust, and legal scrutiny mark massive losses for crypto market makers

2022-9-28 20:00

crypto attack → Результатов: 126

2024-4-15 20:33

2024-2-17 11:15

2022-9-27 01:01

2022-9-23 09:17

2022-9-21 23:15

2022-9-9 00:42

2022-8-31 01:30

2022-8-26 01:21

2022-8-23 21:00

2022-8-20 18:52

2022-8-19 18:52

2022-8-13 16:48

2022-8-2 12:32

2022-8-2 23:48

2022-7-23 19:18

2022-7-13 23:00

2022-7-8 22:28

2022-6-23 00:23

2022-6-17 13:30

2022-6-11 15:00

2022-6-8 17:56

2022-5-19 09:30

2022-5-19 00:00

2022-5-14 14:00

2022-5-14 01:07

2022-5-12 02:30

2022-5-12 19:30

2022-5-3 21:27

2022-4-30 15:07

2022-4-27 21:00

2022-4-6 22:45

2022-4-3 21:24

2022-3-23 22:00

2022-3-23 21:00

2022-3-12 16:45

2022-3-5 12:43

2022-3-4 14:10

2022-3-5 14:10

2022-2-28 00:26

2022-2-25 20:40

2022-2-25 19:09

2022-2-18 14:41

2022-2-9 19:28

2022-2-3 18:15

2022-1-31 13:30

2022-1-30 04:48

2022-1-29 21:49

2022-1-28 13:00

2022-1-21 02:00

Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

Add news: propose for publication, Submit ICO