Skip to content

Wintermute Has Been Attacked by Hackers. $160M was Snatched

Algorithmic market maker in digital assets – Wintermute – has been hacked. Hackers used a vulnerability in the wallet used for DeFi proprietary trading operations and stole $160M.

Evgeny Gaevoy, CEO & founder of Wintermute, Source: Medium

Wintermute is a company founded by Evgeny Gaevoy. It is an algorithmic trading firm that is focused on the innovative digital asset markets. Wintermute's mission is to enable, empower and advance a truly decentralized world for more transparent, fair and efficient markets and products.

On September 20, Wintermute ran into trouble. The wallet that was used for DeFi proprietary trading operations was attacked by hackers. And this became possible because of a mistake by an employee.

The crypto community found out about the attack on Twitter from CEO & founder of Wintermute – Evgeny Gaevoy. During the attack, Evgeny started a thread in which he began to explain to people what was going on.

Basically, the thread consisted of brief information that a hack had occurred.

And also from various users posting messages for Wintermute lenders stating that the funds of those who have a MM agreement with Wintermute are safe. Also that the company’s operations have been affected temporarily. As an assurance, Wintermute users can retrieve their loans if they wish.

Evgeny also wrote that employees hope that the attack was carried out by a “white hat” hacker. Therefore, he asked the hacker to contact Wintermute.

“White hat” is a hacker who hacks various systems not for profit, but in order to demonstrate vulnerability to developers and help to fix it. Simply put, "white hat" is a cybersecurity specialist.

About an hour later, Evgeny opened a new thread, which contained details of the attack. Evgeny said that the hacker attacked a “wallet used for DeFi proprietary trading operations.”

At the same time, Evgeny noted that the attack did not affect “internal systems in both Cefi and Defi.”

According to Evgeny Gaevoy, hackers could use “Profanity-type exploit.” Wintermute use Profanity to generate addresses with a lot of zeros in front. Wintermute found out about the exploit a week before the attack and began to switch to a new system quickly.

But, during the switch, a mistake occurred caused by human error. It is quite possible that it served as a vulnerability that hackers took advantage of.

Evgeny also promised the hacker 10% of the stolen funds if the monies were returned. But, there has been no response yet.

Despite the attack, Evgeny maintains a positive attitude and confidence in the future development of the company. Also, Evgeny promised that there will be no layoffs and no revision of strategy.

We wish you, dear readers, to remain confident in the future, no matter what. And we continue to observe.