Algorithmic market maker service Wintermute suffered a security breach on Tuesday, with hackers making off with around $160 million across 90 assets within the platform's portfolio.
In a brief statement published on Twitter, Wintermute founder and CEO Evgeny Gaevoy stated that “we’ve been hacked for about $160M in our defi operations. Cefi and OTC operations are not affected.”
While around $160 million has been appropriated by the hacker, Gaevoy noted that “out of 90 assets that has been hacked only two have been for notional over $1 million (and none more than $2.5M),” and that as a result there shouldn’t be a “major selloff” of assets.
We’ve been hacked for about $160M in our defi operations. Cefi and OTC operations are not affected
— wishful cynic (@EvgenyGaevoy) September 20, 2022
Gaevoy assured users, lenders and partners of the platform that they are “solvent with twice over that amount in equity left”, so all associated entities should expect a full restoration of operations within the coming days.
Gaevoy added that Wintermute remains open to treating the hack as a “white hat” scenario, in which the hacker returns the funds and receives a reward for identifying a vulnerability.
How the Wintermute hack unfolded
While Gaevoy’s tweet was published around 8am UTC, a number of Twitter users seemingly uncovered suspicious activity affecting Wintermute as early as 6am UTC, engaging in a debate on the ins and outs of wash trading after discovering that large amounts had been transferred from Wintermute into exchange liquidity pool 3pool.
Following Gaevoy’s announcement, self-proclaimed on-chain sleuth and 2D detective ZachXBT claimed to have identified the hacker’s wallet address, which contains $47.8 million in its wallet, with the remaining $114.3 million in the decentralized stablecoin exchange Curve Protocol.
Further investigation on blockchain exploration platform EtherScan reveals that the wallet in question has made 45 transactions over the past 5 hours, and holds a plethora of 80 tokens in their wallet including $12.9 million of Wrapped Bitcoin (WBTC), $3.9 million of Pax Dollar (USDP), and $2.3 million in Somnium Space CUBE tokens, among others.
Decrypt has reached out to Wintermute for comment and will update this story should the company respond.