Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
The leading crypto market maker, Wintermute, suffered a $160 million breach in its decentralized finance operations last week. On-chain data revealed tens of millions of dollars worth of Dai, USDC, Tether, Wrapped ETH, and other assets transferred from the company to a wallet address flagged as âWintermute Exploiter.â
While the UK-based company has not revealed if law enforcement was notified, it went on to offer a 10% bounty to the hacker on the ill-gotten funds and treat the breach as a âwhite hatâ event.
However, a new report suggests that this could be an insider job.
Insider Job
Analyst James Edwards, aka Librehash, also known as the editor of ZeroNoncense, argued that the hacker couldnât have been a random, external entity that âsimply recovered the private key to an unsafe externally owned address that the team failed to revoke admin permissions for.â Edwards stated that the hack appears to have been carried out by an internal party after observing the platformâs smart contracts interactions.
âIn other words, the relevant transactions initiated by the EOA make it clear that the hacker was likely an internal member of the Wintermute team.â
Edwards questioned the transparency of the project while pointing out the lack of uploaded, verified code for the Wintermute smart contract in question, making it impossible for the community to confirm that the hacker was not internal. Typically, any smart contract responsible for the management of user/customer funds deployed onto a blockchain is up for public verification.
Upon deeper inspection and sifting through the decompiled bytecode, the analyst allegedly found that the code did not match with what was supposedly compromised.
Edwards also took a jibe at Wintermuteâs CEO and founder, Evgeny Gaevoy, and called the execâs explanation to be ârushed, hasty, and sloppily published,â giving the impression that the team was ârelievedâ for managing to potentially pull off a million dollar heist with âlittle to no scrutiny.â
Transfer to Compromised Wallet
The transfer of 13.48 million USDT from the Wintermute smart contract address to the smart contract supposedly created and controlled by the Wintermute hacker is contentious in nature, according to Edwards.
He alleged that the transaction history showed the movement of millions in USDT from the hot wallets of two different exchanges â Binance and Kraken â to the compromised smart contract, which could have been initiated from team-controlled exchange accounts.
6d/ That amount that was swept in that 5:03 p.m. (EDT) transaction was no trivial amount either. The team supposedly got hit for 16M $USDT in that first sweep.
Why on greenâs earth would they send 13M more worth of funds to this address? Please answer if you can @EvgenyGaevoy
â James Edwards (@librehash) September 26, 2022
The post $160M Wintermute Security Exploit Could Have Been an Insider Job: Report appeared first on CryptoPotato.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.