$160M stolen from Wintermute in a recent DeFi hack
Evgeny Gaevoy, founder and CEO of Wintermute, has revealed that the business was hacked for $160 million.
Gaevoy tweeted on Tuesday that the market maker’s DeFi activities had resulted in a nine-figure loss. In addition, he said that the company’s centralized and over-the-counter services were unaffected. Assuring consumers that their money was secure, he said, “We are solvent with more than double [the amount stolen] in equity remaining.”
Gaevoy said that ninety distinct assets were taken. Two of these lost assets had a value between $1 million and $2.5 million. Each of the remaining 88 generated less than $1 million in revenue.
Wintermute is one of the main cryptocurrency market makers. It improves market efficiency by adding liquidity to both centralized and decentralized trading venues. In addition, it provides an over-the-counter service to wealthy individuals and institutional customers.
Information security director Mudit Gupta of Polygon tweeted and blogged about the incident early on Tuesday, speculating that it was “a hot wallet compromise.”
On-chain researcher zachxbt revealed the hacker’s wallet on Twitter, pointing to an Ethereum address that now houses digital assets valued at $163 million, according to Zapper statistics. Approximately 70% of the assets have been put to Curve Finance’s tricrypto pool, a common tactic among hackers who do not plan to return stolen cash (stablecoin issuers such as Circle and Tether cannot freeze funds once they are added to decentralized exchange liquidity pools).
Gaevoy concluded the notice of the breach by stating that the company would gladly accept the event as a white hat assault and inviting the hacker to come forward. After zachxbt revealed the address, other crypto users spoke with the attackers through on-chain chats.