• Wed. Sep 28th, 2022

Algorithmic market maker Wintermute hacked for $160 million

ByRandall B. Phelps

Sep 20, 2022

Algorithmic market maker service Wintermute suffered a security breach on Tuesday, with hackers seizing around $160 million across 90 assets in the platform’s wallet.

In short statement Posted on Twitter, Wintermute Founder and CEO Evgeny Gaevoy said that “we have been hacked for around $160 million in our challenge operations. Cefi and OTC operations are not affected.

While around $160 million was embezzled by the hacker, Gaevoy Noted that “out of 90 assets that have been hacked, only two have been for a notional amount greater than $1 million (and none exceed $2.5 million)”, and that therefore there should be no having “mass selling” of assets.

Gaevoy has assured platform users, lenders and partners that they are “solvent with twice that amount in equity”, so all associated entities should expect a full restoration of operations in the next days.

Gaevoy added that Wintermute remains open to treating the hack as a “white hat” scenario, in which the hacker returns the funds and receives a reward for identifying a vulnerability.

How the Wintermute hack went down

While Gaevoy’s tweet was posted around 8:00 UTC, a number of Twitter users apparently discovered suspicious activity affecting Wintermute as early as 6:00 UTC, engaging in a debate on the ins and outs of wash trading after discovering that large sums had been transferred from Wintermute to the exchange liquidity pool 3pool.

Following Gaevoy’s announcement, self-proclaimed chain sleuth and 2D sleuth ZachXBT claimed to have identified the hacker’s wallet address, which has $47.8 million in his wallet, the remaining $114.3 million in the decentralized system stablecoin trading curve protocol.

Further away investigation on blockchain mining platform EtherScan reveals that the wallet in question has made 45 transactions in the last 5 hours, and holds a plethora of 80 tokens in their wallet including $12.9 million of Wrapped Bitcoin (WBTC), $3.9 million Pax Dollar (USDP) and $2.3 million Somnium Space CUBE tokens, among others.

Decrypt has reached out to Wintermute for comment and will update this story if the company responds.

Stay up to date with crypto news, get daily updates delivered to your inbox.