- Hacks and exploits are continuously harming the decentralized finance industry as another vanity wallet address follows the roster of DeFi victims.
- Due to those hacks and exploits, the DeFi space has lost over $1.6 billion this year.
A blockchain security company, PeckShield, had issued a warning stating that a hacker was noticed after swiping out 732 Ether (ETH), almost $950,000, from an address made at the Ethereum vanity wallet address generator known as Profanity. After swiping off the wallet, the hackers sent the token to was newly approved crypto mixer Tornado Cash.
Vanity addresses are personalized crypto wallet addresses that are developed to add on words and specific characters selected by the owner. But, as highlighted by the recent hacks, the security of vanity addresses is still doubtable and questionable also.
The DEX and the hack.
At the beginning of September, decentralized exchange (DEX) collector 1inch Network alerted community members that the addresses owned by them aren’t secure if they were developed using Profanity.
The DEX stated to the crypto holders having vanity addresses to shift their assets as soon as possible. As per 1inch, the vanity address developer used an irregular 32-bit vector to bud 256-bit private keys, which is a clear indication that it is not secure and safe.
If we go through the DEX aggregator’s warnings, ZachXBT, a blockchain investigator, has recently publicized that an act of exposure in Profanity has so far permitted some exploiters to take away some $3.3 million worth of digital assets.
On September 20, Wintermute, a UK-based leading crypto market maker has, experienced a hack in which it lost almost $160 million. Ajay Dhingra, a crypto researcher, has claimed that the reason behind the hack may be the company’s hot wallet being adjusted and manipulating an error in the smart contract.
Evgeny Gaevoy, the chief executive officer and founder of the Wintermute, ordered the hackers to be within reach as they are open to treating the hack as a white hat hack.
Source: https://www.thecoinrepublic.com/2022/09/27/about-1m-in-crypto-stolen-from-vanity-address-exploit/