A hacker has stolen $950,000 in ether from a crypto wallet via the same vanity address exploit linked to an attack on trading firm Wintermute last week.
The hacker stole 732 ETH on Sept. 25 and sent it directly to the ຖືກລົງໂທດ cryptocurrency mixing service Tornado Cash, according to PeckShield ອ້າງເຖິງ ຂໍ້ມູນລະບົບຕ່ອງໂສ້. Here it will have been mixed with other cryptocurrency and withdrawn to the hacker’s own wallet.
The exploit was made possible due to the recent vanity address weakness that was ເກັບຂຶ້ນ on GitHub in January but only made ເປັນທີ່ຮູ້ຈັກຢ່າງກວ້າງຂວາງ by DEX aggregator 1inch on Sept. 15. A vanity address is a cryptocurrency address designed in a certain way, often to feature a pattern or word in the address, similar to a custom license plate on a car.
Many vanity addresses were created through a tool called Profanity. Yet 1inch highlighted that its method of creating such addresses made them easier to breach through a brute force attack. While this would require a lot of computing power, it might be offset by the amount of cryptocurrency in the wallet.
A number of smaller hacks have taken place so far. Earlier this month, $3.3 million was drained from multiple Ethereum addresses that had used Profanity.
On Sept. 20, crypto market making firm Wintermute said it had been hacked for $160 million — later ຍອມຮັບ it was likely due to this exact issue.
© 2022 The Block Crypto, Inc. ສະຫງວນລິຂະສິດທຸກປະການ. ບົດຂຽນນີ້ແມ່ນສະ ໜອງ ໃຫ້ເພື່ອຈຸດປະສົງຂໍ້ມູນເທົ່ານັ້ນ. ມັນບໍ່ໄດ້ຖືກສະ ເໜີ ຫຼືມີຈຸດປະສົງທີ່ຈະ ນຳ ໃຊ້ເປັນກົດ ໝາຍ, ພາສີ, ການລົງທືນ, ການເງິນ, ຫລື ຄຳ ແນະ ນຳ ອື່ນໆ.
ກ່ຽວກັບຜູ້ຂຽນ
Tim ເປັນບັນນາທິການຂ່າວຢູ່ The Block ຜູ້ທີ່ສຸມໃສ່ DeFi, NFTs ແລະ DAOs. ກ່ອນທີ່ຈະເຂົ້າຮ່ວມ The Block, Tim ເປັນບັນນາທິການຂ່າວຢູ່ Decrypt. ລາວໄດ້ຮັບປະລິນຍາຕີດ້ານປັດຊະຍາຈາກມະຫາວິທະຍາໄລຢອກແລະສຶກສາວາລະສານຂ່າວຢູ່ສະມາຄົມຫນັງສືພິມ. ຕິດຕາມລາວໃນ Twitter @Timccopeland.
Source: https://www.theblock.co/post/172773/hacker-steals-950000-from-crypto-vanity-address-as-exploits-continue?utm_source=rss&utm_medium=rss