A tool named Profanity was used for generating an Ethereum ‘vanity address’ and cryptocurrency worth $950,000 was stolen from it.
A similar vulnerability had been leveraged in the exploit, which had recently been used on market maker Wintermute for stealing around $160 million recently.
A ‘vanity address’ refers to a crypto address that meets criteria laid out by the creator, which often represents their name or brand.
The exploit
This means that the crypto address would be human generated instead of being a machine-generated, random string of letters and numbers.
It is because of this reason that vanity addresses have been dubbed as more vulnerable to exploits and attacks by users on GitHub.
On September 25th, the hacker had gotten away with about 732 Ethereum before the funds were transferred to Tornado Cash, the crypto mixer that has been sanctioned recently.
The details about the attack had first been uncovered by GitHub users, but 1Inch Network, the decentralized exchange (DEX) aggregator had actually publicized it.
It instructed its users to immediately transfer their assets to another wallet straight off and also shared a blog on how the exploit was likely to have been conducted.
Profanity
Due to the attacks, steps have been taken by the developers of the Profanity tool to ensure that no one is able to continue using it.
Its developers have left the tool’s code in an uncompilable state and they have also archived the repository. There will be no more updates made to the code.
Evgeny Gaevoy, the chief executive of Wintermute, had recently admitted on Twitter that the company had suffered from the massive attack.
He had also stated that their DeFi trading wallet had probably been linked to the Profanity exploit. The CEO had disclosed that they had used profanity for generating addresses with a number of zeroes in front.
However, he stated that this was not because of vanity, but because they wanted to optimize gas. The company offers algorithmic market making services.
No perpetrator
Up till now, no perpetrator has been identified when it comes to the Wintermute attack or the latest incident for that matter. Likewise, there has also not been a recovery of funds.
Legal action has been threatened by the market maker and a bounty reward of $16 million has been offered, should the funds be returned.
The latest exploit and that of Wintermute could also be considered the tip of the iceberg. 1Inch said in its blog post that they have not yet uncovered additional exploits.
It said that they were still trying to identify all the vanity addresses that had been compromised and it could mean that tens of millions of dollars in crypto was stolen, if not hundreds of millions.
The number of hacks and exploits have been rising in the crypto space in the past year for the most, as more money is flowing into this market and this attracts attention.