Wintermute warns hackers to return money or face legal action

The market-making business Wintermute has written a statement to the hacker who stole $160 million from the company on Tuesday through the Ethereum blockchain.

The message sent at midnight UTC on Thursday instructed the hacker to return the cash by the end of the day or Wintermute will contact the police. It invited the hacker to take a “whitehat” prize of $16 million and return the remaining $144 million to Wintermute.

“We wish to collaborate with you soon and settle this situation. Accept the conditions of the reward and return the monies within twenty-four hours prior to September 22, 23:59 UTC, while we can still consider this a white-hat event and give the 10% bounty,” the statement said.

The letter continued by stating that if the hacker returned the monies, he or she would be called a “white hat” – a phrase used to describe ethical hackers.

Wintermute said, “If the stolen monies are not returned by the deadline, you will be forced to withdraw our reward offer and white-hat designation; we will then continue with the necessary authorities and channels.”

The vanity address of Wintermute was produced using a specific web service called Profanity. A few days before the assault on Wintermute, a security study from 1inch revealed that all vanity addresses containing profanity had a significant vulnerability. This vulnerability might enable hackers to brute-force compute their private keys.

To verify the legitimacy of Ethereum transactions, Wintermute utilized its Profanity-based address as an administrator account. Someone used the same flaw to get access to the admin address’s private key. 

This location was chosen due to anticipated transaction cost savings. Mudit Gupta, Polygon’s chief information security officer, told The Block that these may be created using vanity addresses including a series of zeroes.

Also Read: New Crypto Reach 21,000 Despite Unstable Markets

Disclaimer: The information provided in this article is for informational purposes only and should not be construed as financial or investment advice. Cryptocurrency investments are subject to market risks, and individuals should seek professional advice before making any investment decisions.

- Advertisement -

Comments are closed.