Although Wintermute has not published reports on the case, analysts suggest that it was all due to the use of a custom address with few security safeguards, which the attackers breached to gain access to the vault where the funds were stored.
- Hackers stole USD $160 million in ETH from Wintermute
- One thesis suggests that the security breach was due to the use of a custom address
- This address served as a hot wallet to authenticate transactions for the Wintermute vault
- Wintermute has not yet provided any further information about what happened
The maker of algorithmic marketplaces for cryptocurrency trading, Wintermute, indicated today that it was the victim of a hack that resulted in the theft of USD $160 million from its vault on Ethereum, which operated through a smart contract.
Few details about the case are known at the moment, but some analysts have offered theories about what happened. The one gaining strength is that the attacker exploited a vulnerability to obtain the private keys used to administer the vault in question.
Security breach by using a custom address
This thesis was presented by the director of the information security area for Polygon, Mudit Gupta, who said that this was in part possible because the Wintermute staff made use of a personalized address, which industry analysts also refer to as a “vanity address”. That address worked as a hot wallet that authenticated transactions for the vault from which the funds were stolen.
While the use of these personalized addresses is becoming more and more common, and several services allow interested parties to create this type of wallet, not all of them may meet the security standards needed to ensure the integrity of the funds held there. This was revealed in a report published by the team at 1Inch, which pointed out that the wallets generated by the Profanity team were not secure, since with certain procedures attackers could access the private keys.
According to Gupta, his hypothesis is that a hacker tracked the movements linked to the address used by Wintermute, then managed to calculate the private keys associated with the latter, and with this he was able to access the vault, which he subsequently emptied completely:
“The vault only allows admins to make these transfers, and the Wintermute hot wallet is an admin, as expected. Therefore, the contracts work within expectation, but it was the admin’s address that was likely compromised.”
Gupta’s remarks were backed up by staff at the cybersecurity firm SlowMist, which indicated in an interview with the media outlet The Block that the basis for this breach lies in the use of a personalized address, and added that some $114 million in ETH went to the decentralized exchange Curve.
Wintermute has not yet commented
While security firms and analysts look closely at the case to identify the probable causes, the team at Wintermute still has not shared official information about what happened, so for the moment the facts and the course to follow after this incident are not clear.
Although Wintermute did not confirm any of the previously stated theses, the service’s founder, Evgeny Gaevoy, quoted a tweet posted last Saturday, September 17, by the lead developer of Yearn Finance, Banteg, who had made reference to a hack that was made possible after breaching a custom address.
There, Gaevoy commented as follows:
Karma is a bitch:) https://t.co/K0NHWke9AA
— wishful cynic (@EvgenyGaevoy) September 17, 2022
The Wintermute team is expected to publish information soon about the events that took place.
Article by Angel Di Matteo / DiarioBitcoin
Image from Unsplash