Well-known vulnerability in private keys likely exploited in $160M Wintermute hack
The vulnerability in private keys generated by the popular Profanity custom key generator was reported in January and has already been implicated in at least one hack major.
New
Blockchain cybersecurity firm Certik said a vulnerable private key was attacked in the Wintermute hack. A vulnerability in the private keys generated by the Profanity app has likely been exploited. The vulnerability has been known since at least January.
The UK-based algorithmic crypto market maker announced the hack on Tuesday and said OTC and centralized financial trading was unaffected. About $162.5 million worth of cryptocurrency was taken. "We are solvent with twice that amount in equity," Wintermute CEO Evgeny Gaevoy said in a tweet.
Certik said in a blog post that the hack was due to a leak or forced private key, not a smart contract vulnerability:
"The exploiter used a privileged function with the private key leak to specify that the exchange contract was the contract controlled by the attacker."
The company added that a vulnerability in the popular custom address generator Profanity was likely involved in the hack.
Certik noted that decentralized exchange 1inch Network disclosed the apparent Profanity vulnerability in a September 13 blog post and subsequent warning on Twitter. 1-inch users spotted the vulnerability after a suspicious airdrop in June. 1inch said on his blog:
The vulnerability in private keys generated by the popular Profanity custom key generator was reported in January and has already been implicated in at least one hack major.
New
Blockchain cybersecurity firm Certik said a vulnerable private key was attacked in the Wintermute hack. A vulnerability in the private keys generated by the Profanity app has likely been exploited. The vulnerability has been known since at least January.
The UK-based algorithmic crypto market maker announced the hack on Tuesday and said OTC and centralized financial trading was unaffected. About $162.5 million worth of cryptocurrency was taken. "We are solvent with twice that amount in equity," Wintermute CEO Evgeny Gaevoy said in a tweet.
Certik said in a blog post that the hack was due to a leak or forced private key, not a smart contract vulnerability:
"The exploiter used a privileged function with the private key leak to specify that the exchange contract was the contract controlled by the attacker."
The company added that a vulnerability in the popular custom address generator Profanity was likely involved in the hack.
Certik noted that decentralized exchange 1inch Network disclosed the apparent Profanity vulnerability in a September 13 blog post and subsequent warning on Twitter. 1-inch users spotted the vulnerability after a suspicious airdrop in June. 1inch said on his blog:
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
