Profanity Exploit Continues as Hackers Drain Another 732 ETH From Crypto Wallet
A string of Profanity exploits this month has pushed vanity addresses in the spotlight again as well as the risks associated with it.
A hacker managed to get away with 732 ETH worth around $950,000 from a crypto wallet.
Interestingly, blockchain security firm PeckShield revealed that the theft was carried out via the same vanity address hack connected to the UK-based crypto market maker Wintermute.
- On-chain data suggested that the hacker moved the stolen funds to the OFAC-sanctioned crypto mixing tumbler Tornado Cash.
- The latest exploit comes days after decentralized finance aggregator 1inc first discovered a severe vulnerability in the Profanity tool and stated that user funds are at risk of loss following a potential exploit.
- Launched in 2017, Profanity is a tool designed to enable Ethereum users to create “vanity addresses,” which are essentially custom crypto wallets with identifiable names or numbers within them.
- As per 1inch’s report, the vanity address generator uses a random 32-bit vector to seed 256-bit private keys, thereby making it unsafe.
- The Profanity address generator was abandoned by its developers a few years ago after detecting fundamental security issues in the generation of private keys.
- Shortly after the security report by 1inch, a hacker stole $3.3 million worth of cryptocurrencies from several Ethereum addresses generated with the tool last week.
- The Wintermute exploit came next, wherein perpetrators compromised decentralized finance operations while the centralized finance and over-the-counter verticals were safe.
- As per the report, more than $162k was stolen in over 13 transactions. The exploit was speculated to have transpired from a brute force attack on the Profanity wallet.
Bitcoin20 hours ago
Bitcoin options traders await a catalyst in the asset as BTC slips below $27,000
Litecoin20 hours ago
Litecoin Price Prediction: LTC coils up, eyes 20% rall
Ethereum20 hours ago