Wintermute, Crypto Market Maker, Loses $160 Million to Hacker

Image for article titled Wintermute, One of Crypto's Biggest Market Makers, Loses $160 Million to Hacker

Photo: Andreanicolini (Shutterstock)

Wintermute, one of the most prominent market makers in the cryptocurrency industry, has been hacked. ONE cybercriminal stole approximately $160 million in various tokens from the company, according to Wintermute’s CEO. However, the company claims it is solvent and still has twice as much equity as the amount that was stolen.

In the world of web3, market makers as Wintermute greases the wheels of crypto trading. They play the critical role of providing liquidity to crypto exchanges and decentralized finance (DeFi) platforms. In crypto, “liquidity” basically means how easily a specific asset or token can be traded. Higher liquidity rates allow for more seamless transactions between traders and are an important indicator of a market’s overall health. In short: market makers keep things running on rails, and they are an important service in the operation of exchanges. Of course, things don’t go so smoothly if the market maker is robbed.

On Tuesday, Wintermute’s founder and CEO, Evgeny Gaevoy, took to Twitter to alert users of the recent theft. “We have been hacked for about $160 million in our defi operations. Cefi and OTC operations are not affected,” Gaevoy said.

According to the CEO, an unknown hacker managed to steal 90 tokens from the company’s wallet and transfer them to the hacker’s own. Etherscan shows and that the hacker grabbed a number of different assets – Tether, USDcoin, Wrapped ETH and Dai stablecoin – and that the criminal’s wallet is apparently named “Wintermute Exploiter”.

Gaevoy has assured users that their money is safe: “If you have a [market maker] deal with Wintermute, your money is safe. There will be a disruption to our services today and potentially for the next few days and will return to normal afterwards, he said on Tuesday.

How did the hacker gain access to the company’s coins? That part is a mystery. Gaevoy and Wintermute have not shared any technical details about what happened. However, some security analysts have speculated that the hack occurred via a hot wallet compromise as a result of a recent error detected in profanity, a popular cryptographic tool used to generate wallets. Exploitation of the flaw has already led to others hacks.

Unfortunately, this isn’t the first time Wintermute has had problems with missing coins. In June was a market maker responsible for the evaporation of about 20 million dollars Optimism (or “OP”). After being contracted to provide initial liquidity for the launch of the asset, Wintermute failed to implement a routine security mechanism. This bug allowed $20 million in OP to be trapped in a wallet and, like Wintermute groped to get it out, a cybercriminal swiped the symbols. Wintermute took full responsibility for the episode, and offered to buy an equivalent amount of the money lost. Later, but the hacker returned most of the stolen crypto.

In this particular case, it is not clear whether Wintermute has been in contact with the police or has opened a dialogue with the hacker (like some crypto exchanges have done, in the past). Gaevoy said Wintermute would be willing to treat the breach as a “white hat” hack and let the hacker keep some of the stolen funds should the majority be returned. We reached out to the company for more information and will update this story if it happens answers.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *