Latest Crypto Hack Costs Wintermute $160 Million

Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.

According to a top executive on Tuesday, Wintermute, a well-known and influential cryptocurrency market maker, suffered a $160 million loss due to a hack, making it the sector’s most recent victim. Wintermute, founded in 2017, trades billions of dollars in the crypto market by providing liquidity across multiple venues.

In a series of tweets, Wintermute’s founder and CEO, Evgeny Gaevoy, confirmed the company’s decentralized financial operations had been hacked, but not the centralized finance or over-the-counter verticals. He claimed that Wintermute, backed by Pantera Capital, Lightspeed Venture Partners, and Fidelity’s Avon, is still solvent and has more than twice as much equity. He told lenders that if they asked, Wintermute would let them get out of their loans.

Wintermute – The Most Stolen Money Went to Curve

On Tuesday, Evgeny Gaevoy, the CEO and creator of Wintermute, tweeted about the hacking event (September 20, 2022). Wintermute’s CEO and creator, Evgeny Gaevoy, detailed the hacking event in a tweet thread on Tuesday (September 20, 2022). Gaevoy said that only two of the 90 assets that were hacked were worth more than $1 million (and none were worth more than $2.5 million), and the CEO promised that there would be no major selloff.

During this time, on-chain detective ZachXBT shared the hackers’ wallet address, which contained approximately $163 million. A screenshot revealed that the attackers had already transferred $114 million to Curve Finance’s 3CV, leaving the wallet with a balance of just under $48 million.

Polygon’s chief security officer, Mudit Gupta, claims that Wintermute’s hot wallet was compromised. This was most likely caused by the wallet’s use of Profanity, an Ethereum vanity address generator. Profanity is a tool that can generate vanit addresses, also known as human-readable addresses. The Profanity program recently had a bug that exposed the addresses it generated to hackers. In a previous warning, the decentralized exchange aggregator 1inch said that funds in “Profanity” vanity addresses were not safe. This showed that the Ethereum vanity address generator had another flaw.

Wintermute’s Hacker Made Use of Profanity

According to Gupta’s findings, Wintermute’s attacker used this bug to steal money from the address. The attacker is most likely a skilled hacker or solidity creator. So that they wouldn’t be blocked, they made a helper contract, added stables to Curve, and first found a flaw in the closed-source vault contract. Even though money was stolen from the market maker’s DeFi activities, Gaevoy stated that the attack did not disrupt Wintermute’s CeFi or OTC operations. In the tweet thread, Gaevoy noted that the platform is still solvent, with more than double the compromised funds ($160 million) remaining in stock.

According to the CEO, Wintermute will honor any loan recall requests. However, he didn’t reveal any other details, such as the attack’s time or nature, but stated that the team was willing to handle the situation as a “white hat,” inviting the hackers to contact the company. This happened just a few months after an attacker used a Wintermute glitch to steal 20 million Optimism (OP) tokens.

According to the data, the hacker sold one million OP tokens, which Wintermute purchased. Later, one million OP coins were sent to Vitalik Buterin, who helped start Ethereum and is one of its co-founders.


Live webinar speaker and derivatives (Forex, Crypto, and Indices) analyst with a broad range of skills for evaluating financial data, investment trends, technical analysis, fundamental analysis, and the best ways to strategies investment selection.  Expertise: Trading Psychology; Speculative Positioning & Market Sentiment; Technical & Fundamental Analysis.