Wintermute Hack 2022 — $160M Exploit Analysis

Market maker Wintermute lost $160M from its DeFi operations after a private key generated by Profanity vanity address tool was compromised.

Details

Full Description

Wintermute's DeFi hot wallet used an Ethereum address generated by the Profanity vanity address tool, which had a known vulnerability allowing private key recovery through brute force. Despite a public warning about Profanity addresses weeks earlier, the key was not rotated in time.

Laundering Analysis

Stolen funds remain largely in the attacker's wallet. Small amounts moved through DeFi protocols. CEO Evgeny Gaevoy suggested the attacker may be a white hat, posting an on-chain message. Funds never returned despite negotiation attempts. Still considered outstanding.

Sources

Transaction Hashes

Related Hacks

Back to Browse