U.K.-based algorithmic market maker service Wintermute becomes the latest victim of decentralised finance (DeFi) hacks when its protocol suffered a breach early on Tuesday, September 20, 2022, with hackers making off with around $160 million across 90 assets within the platform’s portfolio.
The news of the breach was announced by company CEO and founder, Evgeny Gaevoy, on Твиттер. He stated that “We’ve been hacked for about $160M in our defi operations. Cefi and OTC operations are not affected.” While Gaevoy said that around $160 million was taken by hackers, he noted that “out of 90 assets that have been hacked only two have been notional over $1 million (and none more than $2.5 M),” and as a result a “major selloff” of assets should not occur. According to data from Етхерсцан, over 70 different tokens have been transferred to “Wintermute exploiter,” including $61, 350, 986 in USDC, 671 in Wrapped Bitcoin, and $29, 461, 533 in USDT.
CEO: Company Remains Solvent
The CEO assured the company’s users, lenders, and partners that the platform is “solvent with twice that amount of equity left.” Associated entities should expect full restoration of operation over the next few days. Gaevoy added:
Ако имате ММ уговор са Винтермуте-ом, ваша средства су сигурна. Доћи ће до поремећаја у нашим услугама данас и потенцијално у наредних неколико дана, а након тога ће се вратити у нормалу.
According to the company’s CEO, the platform is still willing to treat the incident as white hat hacking, meaning it is willing to engage with the attacker. In this instance, the hacker would be required to return the funds, but would also be allowed to keep a percentage as a bounty. The hacker may also contact Wintermute to share the vulnerabilities they have discovered to avoid a repeat of hacks in the future. White hat hacking has become commonplace in the crypto market, even more so in the bear market. Exchange, market markets, and companies often reward hackers with bounties in the form of cash or job opportunities.
What happened to the Wintermute is the result of the outdated business model. Projects that delegate market making to third-party service providers must acknowledge that allocating a large amount of funds to a single market maker’s wallet will eventually cause issues like this. Unfortunately, there are dozens of market makers that manage the process in a “centralized” manner while operating on both CEX and DEX exchanges. We at GotBit consider that the future of market making lies in the designated market making services that don’t take control over the client’s funds.
Alex Andryunin, Извршни директор на GotBit.io
Изјава о одрицању одговорности: Овај чланак је представљен само у информативне сврхе. Није понуђен нити намерава да се користи као правни, порески, инвестициони, финансијски или други савет.
Source: https://cryptodaily.co.uk/2022/09/crypto-market-maker-wintermute-hacked-for-160-million