UK-based cryptocurrency market maker Wintermute has suffered a loss of approximately $160 million to a cyber attack. In a series of tweets, the company’s founder and chief executive – Evgeny Gaevoy – revealed that its decentralized finance operations had been compromised. However, the centralized finance and over-the-counter verticals were not affected.

Blockchain security expert – Certik – recorded that $162,509,665 was stolen in 13 transactions and speculated that the exploit possibly resulted from a brute force attack on the Profanity wallet. The hacker took advantage of a leaked private key which they were able to use to set their fraudulent contract as the swap contract.

Notably, the private key compromise came from a vulnerability in the Profanity wallet reported last week in a security disclosure report by 1inch. After the compromise was detected by the decentralized exchange aggregator, the attacker stole over $3 million worth of digital assets from several Ethereum addresses generated with the Profanity tool.

Blockchain expert – ZachXBT – located the hacker’s wallet, which held $13 million in Wrapped Bitcoin (WBTC), more than $9 million worth of ETH, and $38 million plus other ERC-20 tokens as at Tuesday. Also, a significant part of the stolen funds – $114 million in USDC and USDT stablecoins – has been transferred to Curve Finance’s 3Crv liquidity pool.

Despite the hack, Gaevoy assured investors that Wintermute, has twice over of the stolen amount left in equity. This is no suprise as the company is backed by Lightspeed Venture Partners, Pantera Capital as well as Fidelity’s Avon. Neither Wintermute nor Gaevoy has revealed any further details of the hack and it is not known whether law enforcement has been alerted.

Featured Image Source: www.crypto-economy.com