Wintermute's private key was "brute force cracked" and lost 160 million US dollars. Are your assets still safe?

On September 20, Wintermute was stolen.

This attack not only caused Wintermute to suffer losses, but also exposed a potential risk that is easily overlooked. The hacker adopted a relatively rare attack method - "cracking the private key", which also sounded the alarm for all currency holders. But don’t worry too much, this private key cracking is not a threat to the elliptic curve encryption algorithm, but a security hole in a private key auxiliary generation tool. Investors who have not used instruments with similar risks will not face the same risks for the time being.

secondary title

The attack method is bizarre, and the hacker actually obtained the private key of the wallet

Different from the previous common attack methods such as "loophole", "flash loan" and "price manipulation", this hacker stealing method is more unpopular - brute force cracking.

The Beosin security team found that attackers frequently use the address 0x0000000fe6a... to call the 0x178979ae function of the 0x00000000ae34... Query, confirm that the address 0x0000000fe6a has setCommonAdmin permission, and the address has normal interaction with the contract before the attack, then it can be confirmed that the private key of 0x0000000fe6a has been leaked.

Several security teams have publicly stated that the smart contracts and EOA wallets owned by Wintermute were stolen by attackers. Observing the stolen wallet address, it is not difficult to find that the address is very "regular", starting with 7 digits 0. The theft of the wallet is related to the use of Profanity by Wintermute.

Profanity is an EVM vanity address generation tool, with which users can generate wallet addresses that include custom character combinations.

In Profanity's github comments, we can also see previous developers discussing the project.

The co-founder of 1inch pointed out that there are flaws in the security of this tool as early as January this year: "One GPU can calculate 7 symbols in one second, and it only takes 1000 GPUs to calculate all addresses in 50 days. .” Subsequently, the developer also added a security warning to the project’s readme description and told users that “it is not recommended to continue using this tool under the current circumstances.”

secondary title

The risk warning has already been issued and has not attracted attention

Profanity's security risks were brought to the attention of the industry just days before Wintermute.

On September 15, 1inch Network's official blog published an article pointing out that Profanity has security risks. "If your wallet address is generated with Profanity tools, your assets are no longer safe. Move all your assets to another wallet ASAP!"

1inch's research found that hackers exploit the Profanity vulnerability in the following ways:

1. Obtain the public key from the false address (recover from the transfer signature).

2. Scale it deterministically to 2 million public keys.

3. Repeatedly decrease and narrow down the range until the seed public key is obtained.

In this way, hackers can obtain the private key of any address generated using Profanity.

A subsequent survey conducted by blockchain researcher ZachXBT showed that hackers have stolen more than $3.3 million in assets through this loophole.

secondary title

Wintermute says the event won't hit the market

Confirmed by multiple security agencies, the attacker's address has been locked as "0xe74b28c2eAe8679e3cCc3a94d5d0dE83CCB84705". The attacker smart contract is "0x0248f752802b2cfb4373cc0c3bc3964429385c26".

After this attack, in addition to the affected wallets, Bebop, a decentralized exchange launched by Wintermute, was also affected. Bebop's official Twitter announced that the platform has suspended transactions and will resume within a few days; it also stated that its contracts are not affected, and users' funds and private keys are safe.

Of the 90 assets that were hacked, only two had a notional value of more than $1 million (and no more than $2.5 million), Wintermute said, so it’s not expected to cause much selling pressure on the market. In addition, its CeFi and OTC businesses have not been affected.

At the same time, Evgeny Gaevoy also said that Wintermute's current solvency is twice that of the remaining equity, and that Wintermute's services may be interrupted today and in the next few days before returning to normal.

At present, Wintermute is still willing to regard the attacker as a "white hat hacker" and calls on the attacker to contact Wintermute.