2022-09-20-Wintermute #136

Merged
merged 2 commits into from
Jun 23, 2023

JediFaust
Contributor

No description provided.

@JediFaust requested a review from a team as a code owner June 22, 2023 17:26
@jhirschkorn
Contributor

/qualitycheck

@github-actions

Wintermute was the victim of a security breach on September 20, 2022.
Multiple sources confirm that Wintermute suffered a security breach on September 20, 2022, resulting in the theft of around $160 million worth of cryptocurrency.

Wintermute is a London-based algorithmic market maker offering liquidity across CeFi and DeFi exchanges and OTC deals.
Wintermute is a London-based crypto market maker that was recently hacked and lost $160 million in DeFi operations. While the claim mentions that Wintermute offers liquidity across CeFi and DeFi exchanges and OTC deals, there is no evidence in the search results to support this claim. Therefore, the claim is false.

The security breach resulted in a loss of approximately $160 million.
Multiple sources confirm that Wintermute, a crypto market maker, was hacked and lost around $160 million worth of cryptocurrency in the breach.

The attack impacted 90 different assets including stable coins, Bitcoin, Ether, and various altcoins.
There is no evidence in the search results to support the claim that the attack impacted 90 different assets. The search results only mention that Wintermute lost $160 million worth of digital assets in the hack, but do not provide a breakdown of which assets were impacted.

The attack was executed through a brute force private key compromise.
There is no evidence in the search results to suggest that the attack on Wintermute was executed through a brute force private key compromise. The articles only mention that the company was hacked and lost $160 million worth of cryptocurrency.

The suspected vulnerability originated from Profanity, a service Wintermute used for generating vanity addresses.
There is no evidence in the search results to support or refute this claim. None of the articles mention the service Profanity or suggest that it was the source of the vulnerability.

The Ethereum address linked to the attacker and currently holding all stolen funds is 0xe74b28c2eAe8679e3cCc3a94d5d0dE83CCB84705.
The search results include multiple articles from reputable sources such as Coindesk and The Block that confirm the Ethereum address 0xe74b28c2eAe8679e3cCc3a94d5d0dE83CCB84705 as the address linked to the attacker and holding the stolen funds.

The smart contract implicated in the attack has the address 0x0248f752802b2cfb4373cc0c3bc3964429385c26.
The search results show multiple references to the address 0x0248f752802b2cfb4373cc0c3bc3964429385c26 being associated with a smart contract that was involved in an attack. Therefore, the claim is true.

The total losses amounted to roughly $160 million.
Multiple sources confirm that Wintermute, a crypto market maker, lost around $160 million in a hack of their DeFi operations.

Around $120 million was lost in stable coins (USDC and USDT).
The claim is false. According to multiple sources, including CNN Business, Reuters, Forbes, and CoinDesk, Wintermute, a crypto market maker, lost $160 million in a hack, but the stolen assets were not limited to stable coins USDC and USDT. The stolen assets were digital assets from Wintermute's decentralized finance (DeFi) operations.

$20 million was lost in Bitcoin and Ether.
The claim is false. According to the search results, Wintermute, a crypto market maker, lost $160 million in a hack. However, there is no mention of $20 million being lost in Bitcoin and Ether specifically. Therefore, there is not enough evidence to verify the claim.

Another $20 million was lost across various altcoins.
The search results show that Wintermute, a crypto market maker, lost $160 million in a hack, but there is no evidence to support the claim that another $20 million was lost across various altcoins. Therefore, the claim is false.

Profanity's vulnerability is discovered by 1inch Network Team
There are no credible sources to support this claim. None of the search results mention 1inch Network Team discovering a vulnerability in Profanity.

1inch Network drew attention to the issue in their blog
The search results include multiple links to 1inch Network's blog, which confirms that they did draw attention to an issue. Specifically, their blog post titled '1inch Network Incident Report 25.04.2021' discusses an incident that occurred on their platform.

The first malicious transaction of $3.3 Million Profanity hack was performed on September 15, 2022 8:42 PM UTC
The claim is false. The search results do not show any evidence of a $3.3 million Profanity hack or any malicious transaction related to it on September 15, 2022 at 8:42 PM UTC. Additionally, the claim references a future date (2022), which is not possible as of the time of writing this response (2021).

A malicious transaction affecting Wintermute's wallets was performed on September 20, 2022 5:11 AM UTC
The claim cannot be verified as it refers to a future date (September 20, 2022) which has not yet occurred. Therefore, the verdict is false.

Wintermute's CEO, Evgeny Gaevoy, promptly announces the theft on September 20, 2022 8:03 AM UTC
The search results show a tweet from @evgenygaevoy at 8:03 AM UTC on September 20, 2022 announcing the hack and theft of about $160M in defi operations. This tweet confirms that Wintermute was hacked and the CEO did announce the theft at the specified time.

Profanity's code had an inherent weakness that allowed the attacker to generate all potential keys for a vanity address by bruteforcing the private keys, scan associated accounts, and then steal the funds.
Wintermute, a crypto trading firm, lost $3.3 million from Ethereum addresses made with Profanity on September 16, 2022, due to an inherent weakness in its code that allowed the attacker to generate all potential keys for a vanity address by bruteforcing the private keys, scan associated accounts, and then steal the funds. This was confirmed in an article by Decrypt (https://decrypt.com/91427/wintermute-hack-exposes-profanitys-weaknesses) which cited a post by the attacker on the Ethereum blockchain explaining how they carried out the attack.

A human error resulted in one account not being blacklisted, thus remaining exposed and likely leading to the significant theft.
The claim is supported by the search results. While some articles do not mention the specific cause of the hack, others state that the theft was the result of a hack and a breach of Wintermute's decentralized finance (DeFi) operation. The CoinDesk article mentions that Wintermute lost $160 million in a hack relating to its DeFi operation. The Forbes article quotes Wintermute's CEO as saying that the hack was executed by exploiting a vulnerability in the DeFi protocols and that it was caused by a human error in not blacklisting one account. Therefore, the claim is true.

The theft amounted to $160m.
Multiple sources confirm that Wintermute, a crypto trading firm, was hacked for $160 million in digital assets.

The source of the information is https://www.benzinga.com/markets/cryptocurrency/22/09/28943343/human-error-caused-160m-hack-wintermute-ceo.
Multiple search results confirm that Wintermute was indeed hit by a $160 million hack. The source of the claim, https://www.benzinga.com/markets/cryptocurrency/22/09/28943343/human-error-caused-160m-hack-wintermute-ceo, is a reliable source that provides additional details about the hack and the CEO's explanation of how it happened.

Fact-check failed due to 1 errors

@jhirschkorn
Contributor

please add a citation/reference for the following bot comment(s):

The attack was executed through a brute force private key compromise. ❌
There is no evidence in the search results to suggest that the attack on Wintermute was executed through a brute force private key compromise. The articles only mention that the company was hacked and lost $160 million worth of cryptocurrency.

content/attacks/posts/2022-09-20-Wintermute.md (outdated)

## Attackers

The identity of the attackers remains unknown. The Ethereum address linked to the attacker and currently holding all stolen funds:
Contributor

add current as of date to address holding funds

Contributor Author

Done

@jhirschkorn merged commit 3a84a98 into 1712n:main Jun 23, 2023
@jhirschkorn
Contributor

/payout

@github-actions

Thanks, @JediFaust! 3730 characters were added or changed in this PR and your contribution is worth $186.5. @albina-at-inca will process your payment.

@JediFaust deleted the wintermute_hack branch June 30, 2023 06:12