Wintermute CEO, Max Coats has acknowledged that it’s probably not solely ethical to attack Wintermute as a hacker, but that he would engage in a conversation with the black hat hacker so that they may resolve the infiltration directly.

At the time of this writing, Wintermute, a cryptocurrency market-maker based in the United Kingdom, was the latest target of digital finance hijackers, losing approximately $160 million. Subsequently, the company’s founder and CEO, Evgeny Gaevoy, this heist occurred when Wintermute fell victim to a web interface vulnerability.

According to Etherscan, more than 70 different tokens have been transferred to Wintermute exploiter, including $61,350,986 in USD Coin (USDC), 671 Wrapped Bitcoin (wBTC), which is roughly $13,030,061, and $29,461,533 Tether (USDT). Although, the largest amount appears to be USDC.

Centralized Finance Secured

Gladly, the company’s over-the-counter and centralized finance operations were not compromised, as the hacker(s) drained funds from its decentralized finance operations only. Nonetheless,Gaevroy tweeted that Gaevroy Dollars are deemed solvent, as the funds of the users are not affected.

Wintermute is an algorithmic market maker that specializes in asset markets such as cryptocurrencies. The company is a chartered company in the United Kingdom, located in Cheshire, and regulated by the Financial Conduct Authority.

Companies House states that Evgeny Gaevoy is Director with “more than 25%, but not more than 50% shares”.

According to Ajay Dhingra, head of research and analytics at smart exchange Unizen, “The nature of the exploit suggests that Wintermute’s hot wallet was compromised.” Dhingra told Cointelegraph that “The attacker cleverly manipulated the bug in the smart contract.”

A Security Deal

However, in the short thread of the social media post, a Dutch national described that the alleged hack could be treated as legitimate hacking. The hacker can contact Wintermute to disclose the vulnerabilities they discovered to stop future illegal hacking.

Cryptocurrency markets frequently use white hat hackers. Token exchanges, market makers, as well as numerous companies have to reward hackers with cash or job positions.

As the Ether (ETH) address for the Wintermute Exploiter is public, the address has been spammed by crypto enthusiasts, stating messages like “Please. I’m very poor. Even $5k would be amazing.” 

Conclusively, the puzzling question now is, will the hacker help the Market maker resolve this glitch or ghost out and leverage on the vulnerability n the future?

Leave a Reply