
$160M Wintermute Security Exploit Could Be an Insider Job: See How

Wintermute, a crypto market giant, suffered a $160 million exploit in its decentralized finance operations last week.

According to on-chain data, tens of millions of dollars' worth of Dai, USDC, Tether, Wrapped ETH, and other assets were transferred from the company to a wallet address flagged as “Wintermute Exploiter.”

While the UK-based company has not revealed whether law enforcement was notified, it went on to offer the hacker a 10% bounty on the exploited funds and to treat the event as a “white hat” activity.

However, a new report claims that this could be an insider job.

How is this possible?

Analyst James Edwards, AKA Librehash, also known as the editor of ZeroNoncense, argued that the hacker couldn’t be just a random person or external entity that “simply recovered the private key to an unsafe externally owned address that the team failed to revoke admin permissions for.”

He stated that, after observing the platform’s smart contract interactions, the hack looks like an operation by an insider.

“In other words, the relevant transactions initiated by the EOA make it clear that the hacker was likely an internal member of the Wintermute team.”

Edwards also questioned the transparency of the project, citing the fact that the Wintermute smart contract in question cannot be verified by the public. Public verification could have helped the community confirm that the hacker was not internal.

We can’t throw stones at anyone at the moment, but this looks fishy, because any smart contract responsible for the management of user/customer funds deployed onto a blockchain is supposed to be verifiable by the public.

Meanwhile, after closely inspecting the decompiled bytecode, the analyst allegedly found that the code did not match what was supposedly compromised.

Edwards also taunted Wintermute’s CEO and founder, Evgeny Gaevoy, calling his explanation “rushed, hasty, and sloppily published,” giving the impression that the team was “relieved” for managing to potentially pull off a million-dollar heist with “little to no scrutiny.”

The transfer of 13.48 million USDT from the Wintermute smart contract address to the smart contract supposedly created and controlled by the Wintermute hacker is controversial in nature, according to him.

Finally, he alleged that, from the transaction history, millions in USDT moved from the hot wallets of two different exchanges – Binance and Kraken – to the compromised smart contract, which could have been initiated from team-controlled exchange accounts.

By Meekness Nnoka

Blockchain Analyst & Writer with top-notch Technological background. Enjoys reading and writing fascinating crypto contents. 4 years content creating experience.
