WinterMute’s $160M Exploit Explained
The market maker was hacked as attackers took control of their vanity address and stole funds from a smart contract.
Dear readers,
This newsletter is written with help from QuillAudits, a smart contract audit platform for dApps, DeFi and tokens. We brought in their expertise to understand the WinterMute Hack.
On September 20, 2022, Wintermute Protocol was hacked, around $160 million were stolen by hackers. The exploit was unusual, as it wasn’t caused due by any smart-contract vulnerabilities, instead it was caused due to compromised private keys suspected to have been due to Profanity Bug, we will get to that later.
Introduction to Wintermute Protocol:
Wintermute is one of the largest algorithmic trading firms in digital assets globally. It is an official market maker for many of the most prominent blockchain projects. They create liquid and efficient markets on centralised and decentralised trading platforms and off-exchange.
Vulnerability Analysis & Impact:
There are four addresses involved in this attack:
Attacker EOA: 0xe74b28c2eae8679e3ccc3a94d5d0de83ccb84705 Attack Attacker’s Contract: 0x0248f752802b2cfb4373cc0c3bc3964429385c26
Compromised EOA: 0x0000000fe6a514a32abdcdfcc076c85243de899b Victim Wintermute’s Contract: 0x00000000ae347930bd1e7b0f35588b92280f9e75
Wintermute is suspected to have used the Profanity tool to generate the address. The attack was due to a vulnerability in Profanity, which allowed the hacker to gain the private key of Wintermute’s EOA (Externally Owned Address, an address that created the contracts). So, before going into WinterMute’s Exploit, let’s first understand the Profanity Bug.
The Profanity Bug
Profanity is an Ethereum vanity address generation tool that allows users to create a personalised address that contains a predefined string of numbers and letters (A through F). 1inch discovered a vulnerability in this software that would allow anyone to crack the keys of every 7-character vanity address.
The vanity addresses or vanity addresses are addresses of cryptocurrencies, personalized and created respecting a series of parameters given by the users of said addresses. This with the aim of making them more personal and easily identifiable, but without giving up the security they provide. Source
It has been proven that by using 1,000 powerful graphics processing units (GPU), all 7-character vanity addresses could be brute forced within a period of 50 days.
To know more about this vulnerability, you can check the blog by 1inch here.
Attack Steps:
First, the attacker deploys the malicious contract. See here.
The attacker compromised WinterMute’s admin EOA (using the profanity bug). The vault only allows admins to do these transfers. Then the attacker transfers 2 Ether from his EOA to the Compromised EOA. See here.
Now, the attacker called the 0x178979ae function of the Victim Contract from the compromised EOA. What this function does is that it transfers the tokens to Attacker’s malicious contract.
Calling the 0x178979ae function requires permission checks. As the attacker called it with compromised EOA, which is the admin’s address so it passed the permission check. This function ran around 109 times. (See here)
And after the tokens were transferred to the attacker’s malicious contract, it transferred tokens back to the attacker’s wallet in numerous transactions. See here.
After the Exploit
Within a few hours of the attack, the CEO of Wintermute announced that they have been hacked and around $160M had been stolen. Hack affected only DeFi operations and no Centralized Finance or OTC operations were affected.
In the thread, they put out a few statements including:
Only DeFi operations are affected. The centralised finance and OTC operations are not affected. However, as a user, you might experience disruption in services as the Wintermute team is getting in the depth of the issues.
A total of 90 assets have been hacked. Only two of which have value in between $1 million to $2.5 million.
There will be no major sell out for any hacked assets as the value is not huge enough.
Wintermute also assured the partners, lenders, and users that it is NOT getting insolvent. It is solvent and has more than double the amount in equity.
It is a private company, but we can understand by the statements that the company may be valued somewhere over $450 Million.
Status of Funds:
All the funds sit at the address of the attacker. We can see the breakdown of the assets here:
How they could have prevented the Exploit?
The attack was due to a bug in the profanity address generator. It could have been prevented by using a hardware wallet or a multisig wallet which is considered more secure.
Before the incident, Wintermute realised that they might be vulnerable, so they removed all ether from this admin address (see here), but may have forgotten to remove this address as admin from the contract.
Much of the technical details in the newsletter are taken from QuillAudits’ published blog.
Hope you enjoyed learning about Wintermute Hack. Subscribe to receive these stories straight to your inbox.
Please share if you think a friend or family member will benefit from this letter.
If you’re in the mood to do some more reading, here you go:
WazirX had its $8 Million frozen by the Enforcement Directorate a few weeks ago, and now the exchange says the funds are unfrozen.
How Nike does Marketing in the Metaverse.
A Scammer Stole $22000 in bitcoin and then asked for Bail in Court.
And, if you want to, you can consider becoming a paid subscriber.
In addition to supporting independent journalism, here are the benefits of becoming a paid subscriber:
An exclusive Story of the week, just for paid subscribers
Access to Exclusive Videos one week before free subscribers
Exclusive QnA Sessions and Meet-ups
More benefits coming soon