Blockchain cybersecurity company Certik has said a vulnerable private key was attacked in the Wintermute hack. A vulnerability in private keys generated by the Profanity app was likely exploited.
The vulnerability has been known since at least January.The U.K.-based algorithmic crypto market maker announced the hack on Tues and said over-the-counter and centralized finance operations were not affected.
About $162.5 million worth of cryptocurrencies were taken. “We are solvent with twice over that amount in equity left,” Wintermute CEO Evgeny Gaevoy said in a tweet.
Certik said in a blog post that the hack was due to a leaked or brute-forced private key, and not a smart contract vulnerability:The company added that a vulnerability in the popular Profanity vanity address generator was probably at fault in the hack.Certik noted that decentralized exchange 1inch Network disclosed the apparent Profanity vulnerability in a Sept.Read more on cointelegraph.com