Well-known vulnerability in private keys likely exploited in $160M Wintermute...
The vulnerability in private keys generated by the popular Profanity vanity key generator was noted in January and has already been implicated in at least one major hack. Blockchain cybersecurity company Certik has said a vulnerable private key was attacked in the Wintermute hack. A vulnerability in private keys generated by the Profanity app was likely exploited. The vulnerability has been known since at least January.The U.K.-based algorithmic crypto market maker announced the hack on Tuesday and said over-the-counter and centralized finance operations were not affected. About $162.5....
Related News
James Edwards bases his accusations on what he feels are dubious transactions and smart contract code that doesn’t match the post-mortem analysis. A fresh new crypto conspiracy theory is afoot — this time in relation to last week's $160 million hack on algorithmic market maker Wintermute — which one crypto sleuth alleges was an "inside job."Cointelegraph reported on Sept. 20 that a hacker had exploited a bug in a Wintermute smart contract which enabled them to swipe over 70 different tokens including $61.4 million in USD Coin (USDC), $29.5 million in Tether (USDT) and 671 Wrapped Bitcoin....
The Hong Kong-based group documented its reproduction of the hack on its tech and security oriented blog, seeking insights into Web3’s attack surface spectrum. Amber Group has reproduced the recent Wintermute hack, the Hong Kong-based crypto finance service provider announced on its blog. The process was fast and simple, and used hardware easily accessible to consumers. Wintermute lost over $160 million in a private key hack on Sept. 20.Reproducing the hack can help “build a better understanding of the attack surface spectrum across Web3,” Amber Group said. It was only hours after the hack....
Users storing bitcoin with hardware from a leading data protection company have been urged to update their devices or risk losing funds. In a company blog post on Friday, Gemini CSO Cem Paya released details of a vulnerability he encountered that allows attackers to brute-force secret keys from SafeNet's brand of hardware security modules, or 'HSMs'. These tamper-proof, specialist devices are used to safeguard all manner of cryptographic keys for the likes of governments, banks and payment companies. They've been hailed as the 'next step' for bitcoin security. While testing the SafeNet....
After repayment of TrueFi’s $92 million loan, Wintermute still owes $97.4 million to Maple Finance and Clearpool in loans. When Wintermute, a cryptocurrency market maker, lost $160 million due to a hack, concerns related to the repayment of debt worth $189.4 million surfaced. However, in an exciting turn of events, Wintermute paid back its largest debt due Oct. 15, involving a $92 million Tether (USDT) loan issued by TrueFi.After repayment of TrueFi’s $92 million loan, Wintermute still owes $75 million to Maple Finance in USD Coin (USDC) and wrapped ether (WETH) and $22.4 million to....
During security testing a vulnerability was exposed on the Authy app, a two-factor authentication tool. Less than 0.2% of Authy users were affected. An outside security research team discovered the vulnerability which affects users who changed the phone number on Authy accounts since February 2014. The users affected were no longer able to access their original phone and so thus had to prove phone ownership. This process included government issued ID’s. Authy immediately moved to patch the vulnerability and has no evidence the vulnerability was exploited by nefarious characters. Authy sent....