Hong Kong-based digital asset company Amber Group decoded the Wintermute hack that took place last month. The hack that occurred on 20 September caused the trading platform to lose approximately $160 million to the exploit.
As reported by AMBCrypto earlier, the hacker made away with more than $61 million in USD Coin [USDC], $29.4 million in Tether [USDT], and 671 wrapped Bitcoin [wBTC] worth more than $13 million.
Several other altcoins worth millions of dollars were also a part of the stolen funds. The hacker gained funds spread across more than 90 altcoins.
Amber Group managed to recreate the hack by cloning the algorithm that was reportedly used by the perpetrator. The process, according to Amber Group, was rather quick and didn’t involve the use of any sophisticated equipment.
Recall that crypto influencer @K06a previously stated that a brute force attack on Wintermute’s “vanity address” could theoretically be possible in 50 days using 1,000 graphics processing units. A vanity address is usually easily identifiable and thus comparatively vulnerable.
Wintemute stated after the hack that Profanity, an Ethereum address generation tool, was used to generate several of its addresses which happened to contain several zeros in front (vanity address).
<p lang=«en» dir=«ltr» xml:lang=«en»>2. The attack was likely linked to the Profanity-type exploit of our DeFi trading wallet. We did use Profanity and an internal tool to generate addresses with many zeroes in front. Our reason behind this was gas optimization, not “vanity”— wishful cynic (@EvgenyGaevoy) September 20, 2022
Amber Group put this theory to the test and elaborated on how they exploited the Profanity bug to recreate the hacker’s exploit. For their test hack, the group
Read more on ambcrypto.com