Crypto Sleuth Links The Wintermute $160M Hack To Insider Job

Share This Post

In the crypto industry, issues of hacks and exploits have become one of the dreaded nightmares. The increasing expansion of the crypto space brews more exploitations as well. Despite the security measures most crypto protocols build around them, the bad actors never cease to scan for available vulnerabilities.

On September 20, a source revealed bug exploitation on a Wintermute smart contract. According to the report, the hacker carted away more than 70 different crypto tokens from the platform worth about $160 million.

The stolen tokens include 671 Wrapped Bitcoin (wBTC), Tether (USDT), and USD Coin (USDC). The values of the coins at the time of the exploit are $13 million, 29.5 million, and 61.4 million, respectively.

Crypto Hack Analysis Points To An Internal Actor

A Medium post outlined the hack’s analysis. The author of the post, James Edwards, also known as the Librehash, stated the hack was from an internal party. His induction was based on how the exploit occurred on the smart contract of the algorithmic market maker.

Librehash alleged that the relevant transactions initiated by the externally owned address (EOA) suggest the involvement of a member of the Wintermute team.

Detailing his claims, Edwards reported that the EOA triggered the compromise on the Wintermute smart contract. He noted the EOA itself is compromised through the team’s use of a faulty online vanity address generator tool.

According to Edwards, the attacker could make calls on the Wintermute smart contract by recovering the EOA’s private key. But the EOA’s private key was supposed to have admin access.

Transparency Of Wintermute In Doubt

Edwards’ analysis revealed that the same has no uploaded and verified code. Hence, it inhibits the ease of the confirmation of the external hacker theory by the public. This spikes up concerns regarding the transparency of the algorithmic market maker.

The author termed it a transparency flop on the protocol itself. He noted that the smart contract manages users’ funds on the blockchain. So, the expectation is to enable the public to examine and audit the Solidity code.

Further analysis through manual decompiling of the smart contract code unveiled more truth. Edwards stated that the code did not match the attributed cause of the exploit.

Also, during the attack, there was a transfer of 13.48M USDT to the 0x0248 smart contract from the Wintermute smart contract. The hacker is supposedly the creator and controller of the recipient address.

Cryptocurrency market incurs a minor loss | Source: Crypto Total Market Cap on TradingView.com

Wintermute had not revealed details of the attack. But it took to Twitter to acknowledge the hack on September 21 while stating its continuous service to its partners. It noted that the hack did not impact its DeFi smart contract, internal systems, or third-party data.

Featured image from Al Bawaba, chart from TradingView.com

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

BIS Drops Mbridge Project Participation: It Was ‘Not Created to Serve the BRICS’

The BIS announced it was abandoning Mbridge, a project aimed at using CBDCs to interconnect the financial systems of several countries, due to its potential to help BRICS nations sidestep economic

Tron hits second-highest revenue as TRX gains momentum

Tron’s blockchain has seen remarkable progress, with its native token, TRX, surging to a yearly high as the network achieved its second-largest monthly revenue on record Data from CryptoSlate

Ethereum (ETH) Eyes 12% Rally as 100% Win-Rate Trader Goes Long

The post Ethereum (ETH) Eyes 12% Rally as 100% Win-Rate Trader Goes Long appeared first on Coinpedia Fintech News Ethereum (ETH), the world’s second-largest cryptocurrency by market cap, appears to

Analyst Exposes Ethereum Ascending Support At $2,400 – Best Chance To Accumulate ETH?

Ethereum is trading at $2,500, following a 9% pullback from recent highs after it failed to establish a higher high above $2,820 This retrace has sparked renewed interest among investors, with top

Top 3 Altcoins To Stack This Crypto Crash!

The post Top 3 Altcoins To Stack This Crypto Crash! appeared first on Coinpedia Fintech News The cryptocurrency market has experienced a major hit this week, with top tokens recording a significant

TRON Records Second-Highest Revenue in October at $205 Million, Claims 43% of Altcoin Transaction Share

The post TRON Records Second-Highest Revenue in October at $205 Million, Claims 43% of Altcoin Transaction Share appeared first on Coinpedia Fintech News The TRON network has been making big moves in