Tęsiant išnaudojimus, įsilaužėlis iš kriptovaliutų adreso pavagia 950,000 XNUMX USD

A hacker has stolen $950,000 in ether from a crypto wallet via the same vanity address exploit linked to an attack on trading firm Wintermute last week.

The hacker stole 732 ETH on Sept. 25 and sent it directly to the sankcijos cryptocurrency mixing service Tornado Cash, according to „PeckShield“ citavimas grandinės duomenys. Here it will have been mixed with other cryptocurrency and withdrawn to the hacker’s own wallet.

The exploit was made possible due to the recent vanity address weakness that was pakėlė on GitHub in January but only made plačiai žinomas by DEX aggregator 1inch on Sept. 15. A vanity address is a cryptocurrency address designed in a certain way, often to feature a pattern or word in the address, similar to a custom license plate on a car. 

Many vanity addresses were created through a tool called Profanity. Yet 1inch highlighted that its method of creating such addresses made them easier to breach through a brute force attack. While this would require a lot of computing power, it might be offset by the amount of cryptocurrency in the wallet.

A number of smaller hacks have taken place so far. Earlier this month, $3.3 million was nusausinti from multiple Ethereum addresses that had used Profanity.

On Sept. 20, crypto market making firm Wintermute said it had been nulaužė for $160 million — later pripažįstant it was likely due to this exact issue.

© 2022 „The Block Crypto, Inc.“. Visos teisės saugomos. Šis straipsnis pateiktas tik informaciniais tikslais. Ji nesiūloma ir nesiekiama naudoti kaip teisinė, mokesčių, investavimo, finansinė ar kita konsultacija.