Evgeny Gaevoy, the CEO of Wintermute, said that the company had been hacked and had lost $162.2 million in DeFi operations.

Over 50 cryptocurrency exchanges and trading platforms, such as Binance, Coinbase, Kraken, and Bitfinex, receive liquidity via Wintermute.

With twice the amount of equity that was stolen, the business is still solvent. However, a service interruption is to be expected over the next few days as the platform works to resume all of its functions.

The security issue will be handled as a “white hat” event, according to Gaevoy. This means they are open to paying the attacker a reward for successfully exploiting the vulnerability without facing any legal repercussions.

It’s unclear, though, whether the threat actor is eager to give Wintermute its money back.

The CEO of the company has made it clear that the security incident has not affected Wintermute’s CeFi (centralized finance) or OTC (over-the-counter) operations.

Wintermute hacker steal

Gaevoy has given investors the option to recall loans if they so choose in order to allay their concerns about lenders.

Digital assets valued at over $47,7 million are currently in the hacker’s wallet. The remaining funds have been transferred to Curve Finance’s “3CRV” liquidity pool, where it will be difficult to distinguish and freeze the tokens.

How the hack happened

Gaevoy did not elaborate on how the hacker was able to obtain the assets, but some crypto-experts believe that a bug in Profanity. An Ethereum vanity address generator for which there is proof-of-concept (PoC), is a likely explanation.


With the help of profanity tools, users may construct addresses that are somewhat randomized but still contain vanity Ethereum addresses. They can customize and that contains a predetermined string of letters and digits (A through F).

Due to basic security issues that made it possible to crack private keys. And the author gave up on the project a few years ago.

More particularly, someone could use about 1,000 GPUs over 50 days to brute-force the private keys every 7-character vanity address.

Many cryptocurrency mining farms operate with a greater number of GPUs. Despite the fact that such a collection would demand substantial investment.

In addition, the recent Ethereum merger has rendered big mining farms ineffective. Cracking profanity addresses would be a great method for some of these agricultural owners to get back to profitability.

Profanity has a vulnerability that security specialists recently revealed and has already been exploited by criminals to steal $3.3 million.

They urged anyone with money in wallets made with profanity to transfer it to another location right away.

In response to the latest revelations, the creator of Profanity deleted all project’s binaries and archived its GitHub repository. To lower the possibility that someone might use the unsafe programme in the future.

The Profanity flaw appears to have been used to build the compromised Wintermute wallet. It suggests that the money could have been stolen using it.