No products in the cart.
- Latest
- Trending
ADVERTISEMENT
Liquidity provider Wintermute, which provides liquidity to most CeFi and DeFi exchanges, has been hit hard by a second security-based incident this year.
CEO Evgeny Gaevoy twitter thread On Tuesday, the platform revealed that it had encountered a $160 million breach in its decentralized finance (DeFi) operations. The company’s CeFi business and over-the-counter services were unaffected, he said.
Gaevoy has indicated that with $320 million in capital left after the hack, Wintermute is still solvent. Users can expect the platform to face disruption over the next few days until operations return to normal.
The CEO said the company was “open” to treating the situation as a white hat, referring to hackers who only test the system for vulnerabilities compared to malicious hackers. It is unclear if that was the hacker’s intentions.
Wintermute is one of the largest crypto liquidity providers specializing in crypto market making for exchanges such as Binance and Coinbase.
The hack has already had ramifications such as: Pause trading Bebob, an emerging DeFi dex using Wintermute’s market making service.
Tuesday’s incident is the second time the company has been involved in a hack this year. In June, hackers stole 20 million Optimism tokens from him. failed transaction with winter mute.
Mudit Gupta, chief security officer at Polygon speculated: in a tweet that the hack was the result of a hot wallet compromise profanity bug It was discovered last week by a 1 inch contributor. 1inch warned that wallet addresses generated using the Profanity tool could be compromised.
If you use Profanity to get a vanity smart contract address, make sure to change the owner of that smart contract, 1inch staff wrote on Sept. 15. blog post.
Profanity’s popularity is not without flaws, and its vulnerabilities allowed hackers to “covertly” steal tens of millions of dollars from users’ wallets, the poster said.
Its not an easy task, but at the moment it looks like tens of millions, if not hundreds of millions of dollars of cryptocurrency could be stolen, they said in the post.
of ethereum address In connection with the Wintermute hack, as of 6:15 a.m. ET Tuesday, approximately $13 million in wrapped Bitcoin (WBTC) and ETH, among other tokens including Matic, DYDX and FTX tokens. Had $9.3 million.
Most of the stolen funds $114 million in USDC and USDT stablecoins have been transferred to Curve Finance’s flagship ‘3Crv’ liquidity pool. Mixed within the $869 million pool, it could make it harder for centralized stablecoin issuers Circle and Tether to freeze the token.
Gaevoy did not specify when or how the hack occurred. Wintermute, Circle and Tether did not respond to Blockworks’ requests for comment by press time.
This is a developing story and may be updated.
This article was updated at 8:43 AM ET on September 20th.
Get the day’s top crypto news and insights delivered to your inbox every night. Subscribe to Blockworks’ free newsletter now.
