Crypto market maker Wintermute has suffered a significant cyberattack that saw the culprits manage to steal $160 million worth of digital assets.
In a Twitter thread(opens in new tab), company CEO Evgeny Gaevoy said that the attackers targeted Wintermute’s DeFi proprietary trading operations, which are “completely separate and independent” from its CeFi and OTC operations.
“The attack was in relation to our wallet used for DeFi proprietary trading operations, which are completely separate and independent from our CeFi and OTC operations. Our internal systems in both Cefi and Defi are not affected, as well as any internal or counterparty data,” he added.
Company remains solvent
Further explaining what had happened, Gaevoy said the attack was “likely linked” to the Profanity-type exploit of its DeFi trading wallet. “We did use Profanity and an internal tool to generate addresses with many zeroes in front. Our reason behind this was gas optimization, not “vanity”,” he added, before stating that the last time the team generated such addresses was in June.
“We have since moved to a more secure key generation script. As we learned about the Profanity exploit last week, we accelerated the “old key” retirement,” Gaevoy stated.
Despite the breach and its damaging effect, Gaevoy said customers shouldn’t be too worried, as funds for customers with Wintermute agreements are safe. The company is still solvent, “with twice over that amount in equity left.”
All in all, the crooks stole 90 different token, including stablecoins USDC and USDT.
While the investigation is still ongoing, the team is trying to solve this the easy way, by offering the attacker a 10% bounty if they return the remaining funds. In a subsequent tweet, Gaevoy said: “To the hacker, we offer a 10% bounty on funds taken. To make it easy, we propose for you to transfer all of the funds taken through the exploit, save for $16M USDC.”
At press time, no payment has yet been made.