Cointelegraph
DOGE$0.07256 0.78%
TRX$0.3263 0.91%
LINK$8.34 1.51%
ZEC$558.59 3.78%
ADA$0.1647 0.28%
XRP$1.09 0.96%
ETH$1,868.43 1.32%
BTC$64,567.96 0.97%
XMR$337.22 2.77%
BNB$567.71 0.05%
XLM$0.1867 1.70%
SOL$76.03 1.75%
HYPE$61.29 4.19%
Written by Joe Hallformer writerReviewed by Felix Ngstaff editor

$160M stolen from crypto market maker Wintermute

Latest NewsPublishedSep 20, 2022

The CEO of Wintermute has stated that it is “open” to treating the hack as a white hat hack and would speak to the attacker.

160-million-stolen-from-crypto-market-maker-wintermute

Wintermute, a cryptocurrency market maker based in the United Kingdom, became the latest victim of decentralized finance (DeFi) hacks, losing approximately $160 million, according to Evgeny Gaevoy, the company’s founder and CEO.

Short communication on the ongoing Wintermute hack— wishful cynic (@EvgenyGaevoy) September 20, 2022

According to Etherscan, over 70 different tokens have been transferred to “Wintermute exploiter,” including $61,350,986 in USD Coin (USDC), 671 Wrapped Bitcoin (wBTC), which is roughly $13,030,061, and $29,461,533 Tether (USDT). The largest token sum appears to be USDC.

The company’s over-the-counter and centralized finance operations were not affected, as the hacker(s) drained funds from its DeFi operations. Gaevoy stated that the market maker is solvent with twice the stolen amount in equity left, stressing that users’ funds are safe.

Wintermute is an algorithmic market maker working with digital assets such as cryptocurrencies. The group is a registered company in the United Kingdom, located in Cheshire, and regulated by the Financial Conduct Authority. According to Companies House, Evgeny Gaevoy is director with “more than 25%, but not more than 50%” of shares.

According to Ajay Dhingra, head of research and analytics at smart exchange Unizen, “The nature of the exploit suggests that Wintermute’s hot wallet was compromised.” Dhingra told Cointelegraph that “The attacker cleverly manipulated the bug in the smart contract.”

"This incident again brings focus on tightening the screws around smart contract security, which is an uncharted territory as of now."

In the short tweet thread, Gaevoy, a Dutch national, suggested that the hack could be treated as a white hat hack. The perpetrator may contact Wintermute to share the vulnerabilities they discovered to avoid repeat hacks in the future.

Related: Polygon CSO blames Web2 security gaps for recent spate of hacks

White hat hacks are common in crypto. Exchanges, market markers and sometimes companies reward hackers bounties in the form of cash or job positions. As the Ether (ETH) address for the Wintermute Exploiter is public, the address has been spammed by crypto enthusiasts, stating messages like “plz give. I’m very poor. Even $5k would be amazing.”

People spamming the wintermute exploiter
Always fun going through these messages pic.twitter.com/a8ZSoQKFT1— Paul (@Frapees) September 20, 2022

Cointelegraph has reached out to Wintermute for a response and will update when possible.

1 minute letter

Subscribe to daily byte-sized crypto news from Cointelegraph

Subscribe
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

More on the subject