On Tuesday, a security breach occurred on algorithmic market maker service Wintermute. Hackers stole approximately $160 million in assets from the platform’s portfolio. Wintermute founder and CEO Evgeny Gaevoy announced the attack on his company’s DeFi operations, stating: “We’ve been hacked for about $160M in our def. operation. CeFi and OTC operations are not affected.”
The company has managed to avoid insolvency and still has equity left. “We are solvent with twice over that amount in equity left,” Gaevoy further added. “If you have a MM agreement with Wintermute, your funds are safe.”
In the announcement, Gaevoy acknowledged that 90 assets had been hacked. However, only two of these assets were found to be worth more than $1 million but no higher than $2.5 million total.
Wintermute – A Bigger Fish
Wintermute was a market maker that provided liquidity across multiple venues, facilitating the trading of billions of dollars of cryptocurrency on a daily basis. Last week, the Tron network also named Wintermute as its official market maker.
It is the latest cryptocurrency firm to be hit by a hack. The crypto bridge Nomad lost nearly $200 million in August before Curve Finance, a DeFi framework, had $570,000 stolen. Last year’s blockchain security company Certik estimated that more than $1.3 billion was lost in DeFi attacks.
Unfortunately, the firm had already suffered a mishap earlier this year, having sent $15 million of Optimism (OP) tokens to the wrong address. The recipient eventually returned them, though it is unclear how the mistake was made in the first place. Despite this setback, Wintermute remains one of the leading market makers in the cryptocurrency space, and its appointment by Tron is a testament to its reputation.
On-Going Investigations
On-chain investigator ZachXBT tracked down the hacker’s wallet, which currently holds around $9 million in ether (ETH) and $38 million in other ERC20 tokens. The company is still open to treating the incident as a “white hat” attack, in which a hacker exploits a system in order to expose its flaws, and requests the hacker reach out. It is unclear if the hacker will take this approach, but if they do, it could be a positive outcome for the parties involved.
Upon further examination of the blockchain exploration platform Ether Scan, it appears that the wallet in question has made 45 transactions over the past 5 hours. This wallet also holds a wide variety of 80 tokens, including $12.9 million of Wrapped Bitcoin (WBTC), $3.9 million of Pax Dollar (USDP), and $2.3 million in Somnium Space CUBE tokens, just to name a few.