Around $950,000 in cryptocurrency has been stolen from an Ethereum address, exploiting a vulnerability similar to another recent attack on market maker Wintermute that took $160 million, a report from Decrypt said Monday (Sept. 26).
The hacker stole 732 Ethereum on Sept. 25, then transferred the crypto to the sanctioned crypto mixer Tornado Cash, per data from PeckShield.
The attack exploited a weakness in an address-generating tool called Profanity. The developers behind Profanity took steps to make sure no one keeps using the tool.
The attack was made on a “vanity address,” referring to a type of crypto address that conforms to guidelines laid out by the creator, often tied to a brand or name. Usually crypto addresses are a random string of numbers and letters. Users on Github have said vanity addresses are more vulnerable to brute force attacks.
Wintermute CEO Evgeny Gaevoy has said recently that the attack on his company was likely linked to the “Profanity-type exploit of our DeFi trading wallet.” He said his company, which provides algorithmic market-making services, had used Profanity to generate addresses for efficiency rather than vanity.
So far, there were no perpetrators revealed for either the Wintermute attack or the more recent one. Wintermute has offered a $16 million bounty for return of the crypto.
Earlier this month, the U.S. Department of Justice signaled that it would be cracking down on crypto-related crime.
Read more: Justice Department Signals Intent to Crack Down on Crypto Crime
The DOJ has created the Digital Asset Coordinator Network on Sept. 16, to coordinate crypto investigations between various law enforcement teams.
It will be led by the National Cryptocurrency Enhancement Team, and will “ensure that the Department and its prosecutors are best positioned to combat the ever-evolving criminal uses of digital asset technology,” Assistant Attorney General Kenneth Polite Jr. of the department’s criminal division said.
For all PYMNTS crypto coverage, subscribe to the daily Crypto Newsletter.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More