Skip to content Skip to sidebar Skip to footer

Wintermute, a UK-based cryptocurrency market maker, has become the latest victim of decentralized finance (DeFi) hack, losing around $160 million, according to Evgeny Gaevoy, the company’s founder and CEO.

According at Etherscan, more than 70 different tokens were transferred to “Wintermute exploit”, including $61,350,986 in USD Coin (USDC), 671 Wrapped Bitcoin (wBTC), or approximately $13,030,061, and $29,461,533 Tether (USDT). The largest token sum appears to be USDC.

The company’s OTC and centralized financial operations were unaffected, as the hacker(s) drained funds from its DeFi operations. Gaevoy said the market maker is solvent with double the amount stolen in equity, stressing that user funds are safe.

Wintermute is an algorithmic market maker working with digital assets such as cryptocurrencies. The group is a UK registered companylocated in Cheshire and regulated by the Financial Conduct Authority. According at Companies House, Evgeny Gaevoy is a director with “more than 25%, but not more than 50%” of shares.

According to Ajay Dhingra, Head of Research and Analytics at smart exchange Unizen, “The nature of the exploit suggests that the Wintermute hot wallet has been compromised.” Dhingra told Cointelegraph that “the attacker cleverly handled the bug in the smart contract.”

“This incident again draws attention to the tightening of screws around smart contract security, which is uncharted territory at this time.”

In the short tweet thread, Gaevoy, a Dutch national suggested that the hack could be treated as a white hat hack. The author can contact Wintermute to share the vulnerabilities they have discovered to prevent repeat hacks in the future.

Related: Polygon CSO Blames Web2 Security Flaws for Recent Round of Hacks

White hat hacks are common in crypto. Exchanges, market markers and sometimes businesses reward hackers with bounties in the form of money or jobs. Like ether (ETH) Wintermute Exploiter’s address is public, the address has been spammed by crypto enthusiasts showing messages like “plz give. I’m very poor. Even $5000 would be amazing.

Cointelegraph has contacted Wintermute for a response and will update when possible.