Wintermute hack recreated; learn what went wrong on 20 Sept.

ambcrypto.com:

Hong Kong-based digital asset company Amber Group decoded the Wintermute hack that took place last month. The hack that occurred on 20 September caused the trading platform to lose approximately $160 million to the exploit. 

As reported by AMBCrypto earlier, the hacker made away with more than $61 million in USD Coin [USDC], $29.4 million in Tether [USDT], and 671 wrapped Bitcoin [wBTC] worth more than $13 million.

Several other altcoins worth millions of dollars were also a part of the stolen funds. The hacker gained funds spread across more than 90 altcoins.

Amber Group managed to recreate the hack by cloning the algorithm that was reportedly used by the perpetrator. The process, according to Amber Group, was rather quick and didn’t involve the use of any sophisticated equipment. 

Recall that crypto influencer @K06a previously stated that a brute force attack on Wintermute’s “vanity address” could theoretically be possible in 50 days using 1,000 graphics processing units. A vanity address is usually easily identifiable and thus comparatively vulnerable.

Wintemute stated after the hack that Profanity, an Ethereum address generation tool, was used to generate several of its addresses which happened to contain several zeros in front (vanity address).

— wishful cynic (@EvgenyGaevoy) September 20, 2022

Amber Group put this theory to the test and elaborated on how they exploited the Profanity bug to recreate the hacker’s exploit. For their test hack, the group