After performing a study into the recent $160 million Wintermute vulnerability, digital assets company Amber Group said that it was able to replicate the whole attack vector.
Amber said that it recalculated the private key of the address used by the market-making company Wintermute. It also signed a transaction from Wintermute’s compromised address and placed a message on the blockchain to substantiate its claim.
Amber said in its study of the attack that it took just two days to break the private key using a MacBook M1 machine. To do this, the company used a brute force assault to extract the seed phrase (or private key), which was then used to unlock the cash stored at Wintermute’s address.
The Ethereum vault of the market-making business Wintermute was hacked for $160 million on September 20. The vault depended on an admin address, which was targeted in an attempt to obtain the private key and transfer the cash.
The compromised Wintermute admin account had a “vanity address,” a form of the crypto address containing recognizable names or numbers — or which have a certain style — and which may be produced by certain internet programs, such as Profanity. 1inch security experts discovered that hostile hackers might compute the private keys of vanity addresses produced using Profanity in order to steal cash.
Amber chose to undertake its own inquiry a number of days following Wintermute’s hack. The company determined that it, too, could extract the private key for Wintermute’s vanity address and estimated the hardware and time requirements for cracking the address produced by Profanity.
Also Read: Africa’s 95% of all Crypto transactions involve retail sales