The Wintermute hack that rocked the crypto sector last week took the entire market by storm after malicious actors made away with about $160 million. While many theories have been postulated regarding the hack, a new theory suggests that it could be an inside job. According to the details of the hack, the bad actor was able to compromise the market maker after taking advantage of a bug in its system.
The hackers stole about $160 million from Wintermute
According to reports, the hacker carted away more than three different tokens in a hack that saw the platform lose about $160 million. USDC, Tether, and wBTC were a few of the tokens of immense value that the platform reported as stolen. In an analysis that was culled off medium, the author mentioned that due to the way Wintermute designed their smart contracts and the way the hack took place, all indications point to the fact that someone on the team carried it out.
The theory talked about the series of transactions that were carried out by addresses that were owned externally. Although the theory has been flying around since yesterday, the Wintermute team has refused to comment on the analysis put forward by the researcher.
Edwards claimed it was an inside job
In his theory, James Edwards, the author of the piece, noted that one look at the whole thing shows that the external addresses that made the call on the smart contracts on the platform were already compromised. He argued that this was due to the type of online vanity address generation tool the team used. The whole argument is based on the fact that when the hacker got the addresses’ private keys, he could make calls on the smart contracts with admin access. Edwards also generated a bit of transparency controversy for the team after claiming that they refused to publish the legit code they used in the smart contract.
If it was available, it would’ve helped in the theory about the work being from an internal source. Edwards also claimed that after examining the code, he discovered that the code did not look like what had been pointed out as causing the hack in the first place. He also claimed that the Wintermute team had sent $13 million into a smart contract that they were aware of its state of compromise. Although his story looks solid, it is yet to be backed by known figures in the market. However, it is safe to say that the murmurs across the last week show that it was an insider’s job.
Source: https://www.cryptopolitan.com/was-the-wintermute-hack-an-inside-job/