Market maker Wintermute lost $160M from its DeFi operations after a private key generated by Profanity vanity address tool was compromised.
Wintermute's DeFi hot wallet used an Ethereum address generated by the Profanity vanity address tool, which had a known vulnerability allowing private key recovery through brute force. Despite a public warning about Profanity addresses weeks earlier, the key was not rotated in time.
Stolen funds remain largely in the attacker's wallet. Small amounts moved through DeFi protocols. CEO Evgeny Gaevoy suggested the attacker may be a white hat, posting an on-chain message. Funds never returned despite negotiation attempts. Still considered outstanding.
0xe487b01e0b8478fe02f5c0bd58f7bb7e5e8c9a6e1d8e0a8d4b7c9e2f4a6b8d0