Over $160 Million Swiped From Wintermute DeFi Platform

Photo Of Cryptocurrency Markets

Cryptocurrency platform Wintermute’s DeFi operations were hacked by an unknown individual yesterday, leading to a heist of over $160 million in assets, according to a series of tweets from CEO Evgeny Gaevoy.

Gaevoy said the company is still open to the idea this was a white-hat ethical hack, though the actor has not yet communicated their intentions.

Wintermute CEO Confirms $160 Million Stolen

Wintermute, based in London, is self-described as a leading digital asset “Market Maker” and provides liquidity across across fifty crypto exchanges and trading platforms, including global leaders Binance and Coinbase.

Though the Sept. 10 theft saw over $160 million in cryptocurrency assets stolen from Wintermute’s decentralized finance (DeFi) operations, the CEO said the company was still solvent following the incident.

Gaevoy said Wintermute’s partners, lenders, other projects, CeFi (centralized finance), and OTC (over-the-counter) operations were not affected, and that lenders could recall their loans if they wish.

The potential disruption of Wintermute’s services for all users, however, is expected to last throughout the week.

Bounty Offered To Unknown Hacker

Not ruling out the possibility of this being an ethical hack, the company offered 10% of the stolen funds to the anonymous thief once all of the assets (excluding USDC) are returned to a cryptocurrency wallet address specified by Gaevoy on Twitter.

The perpetrator has not said anything yet about returning the funds, while over $162 million in Ethereum, and several other transactions, are visible in the hacker’s wallet.

“We are still open to treating this as a white hat, so if you are the attacker — get in touch,” Gaevoy tweeted.

‘Profanity’ Vulnerability, Human Error

According to Gaevoy, the hack only compromised Wintermute’s DeFi proprietary trading wallet, which is separate from its CeFi and OTC operations.

A vulnerability in third-party cryptocurrency account creator software Profanity was most likely linked to the attack, the CEO said, coupled with internal human error in protocols.

Profanity’s author quickly took down the project following this incident. The project also suffered security vulnerabilities last year when a brute force attack was able to crack private keys.

What Is DeFi?

DeFi is an emerging form of digital asset trade and exchange that relies primarily on the Ethereum (ETH) cryptocurrency. What differentiates DeFi platforms from regular cryptocurrency exchanges is smart contracts, which remove the need for middlemen, making it completely non-custodial (or user controlled).

DeFi is also notoriously vulnerable to hacking because of its open-source and dynamic nature. Some of the largest ever digital asset thefts have been DeFi hacks, including last year’s Poly Network Hack and more recently Project Beanstalk Farms, equalling $800 million in stolen assets.

Gaevoy acknowledged yesterday that he was aware of the risks of operating in the DeFi space since the company launched. DeFi, Gaevoy said, has always been a “Dark Forest” — the name of a science fiction book often cited by digital finance pundits, which describes a dangerous environment filled with predators.

Wintermute repeatedly said it has more than enough reserve funds to stay comfortably afloat after the incident. “We are solvent with twice over that amount in equity left,” Gaevoy said. Not many companies “could take a punch like this and not just survive, but keep pushing forward.”

He also added that there would be no layoffs, no strategy changes, and no emergency fundraising. “[We will] keep moving forward through this bear market with the rest of you,” he told his Twitter followers. “And such is a challenge of running a (truly) automated Market Maker in the Dark Forest.”

To protect yourself while conducting cryptocurrency trading, we recommend you protect your transactions with a VPN and educate yourself on the dangers of the digital asset realm.

Tech researcher & communications specialist
Mirza has an education background in Global Communications, has worked in advertising, marketing, journalism and television over the years while living in several different countries. He is now working to consolidate news and outreach at VPNoverview.com, while in his free time he likes to work on documentary projects, read about sociology and write about world events.