Amber Group Successfully Replicates Wintermute's $160M Hack
Many may consider hackers to be geniuses, however, their talent can always be reciprocated and Amber Group has just proven that.
“We have reproduced the recent Wintermute hack. Figured out the algorithm to build the exploit. We were able to reproduce the private key on a MacBook M1 with 16G memory in <48h,” the firm tweeted following its self-initiated investigation into the exploit event.
Amber Group confirmed its claims by leaving an on-chain message to prove its claims. When the Wintermute protocol was hacked on September 20, Chief Executive Officer, Evgeny Gaevoy noted that despite the exploit, the protocol is still very solvent and can fulfill all of its obligations to its creditors and users.
Per the insight that the Amber Group investigation proffered, the digital currency platform said that it too “could extract the private key belonging to Wintermute’s vanity address and estimate the hardware and time requirements to crack the address generated by Profanity.”
The attempt proved successful and Amber said “Profanity relied on a particular elliptic curve algorithm to generate large sets of public and private addresses that had certain desirable characters.” As part of Amber Group’s conclusion, the firm said the process that was used to generate the addresses that were used to exploit Wintermute is not random and could easily be regenerated.
“We figured out how Profanity divides the job on GPUs. Based on that, we can efficiently compute the private key of any public key generated by Profanity. We pre-compute a public key table, then do reverse computation until we find the public key in the table,” Amber said.
The replication exercise showcased that hacks can be successfully investigated, and proactive solutions designed to help forestall negative events like those of Wintermute’s.
Image source: Shutterstock
DeFi Protocol Wintermute Suffers $160M of Hack: CEO