new crypto conspiracy theory has emerged, this time in connection with the recent $160 million hack on algorithmic market maker Wintermute, which one crypto sleuth claims were an "inside job."

On September 20, Cointelegraph reported that a hacker had exploited a bug in a Wintermute smart contract, allowing them to steal over 70 different tokens, including $61.4 million in USD Coin (USDC), $29.5 million in Tether (USDT), and 671 Wrapped Bitcoin (wBTC), which was worth approximately $13 million at the time.

In a Medium post on Sept. 26, the author known as Librehash claimed that the way Wintermute's smart contracts have been conversed with and eventually exploited implies that the hack was carried out by an internal party, declaring: "The relevant transactions initiated by the EOA [externally owned address] show that the hacker was most likely an internal Wintermute team member."

The piece's author, also known as James Edwards, is not a well-known cybersecurity analyst. The analysis is his first Medium post, but it has yet to receive a reaction from Wintermute or other cybercrime experts.

According to Edwards' post, the current theory is that the EOA "that made the call on the 'disrupted' Wintermute smart contract was indeed compromised via the team's use of a defective online vanity address generator tool."

"The attacker was able to make calls on the Wintermute smart contract, which supposedly had admin access," he explained.

Edwards went on to claim that there is no "uploaded, verified code for the Wintermute smart contract in question," which makes it difficult for the public to verify the related to external hacker theory while also raising concerns about transparency.

He then conducted a more in-depth investigation, manually decompiling the smart contract code, and claimed that the code did not match what was attributed to causing the hack.

He also raises concerns about a specific transaction that took place during the exploit, which "shows the transfer of 13.48M USDT from the Wintermute smart contract address to the 0x0248 smart contract (allegedly created and governed by the Wintermute hacker)."

Wintermute allegedly transferred more than $13 million in Tether USD (USDT) from two different exchanges to address a compromised smart contract, according to Etherscan transaction history.

His theory, however, has yet to be confirmed by other blockchain security experts, despite the fact that, following the hack last week, there were some whispers in the community that an inside job was a possibility.

On September 21, Wintermute updated the hack via Twitter, noting that while it was very unfortunate and painful, the rest of its business had not been impacted and would continue to service its partners.

What do you think about the Wintermute attack? Is it really an inside job? Let us know your thoughts by sharing this article on social media.

Sep 27, 2022
Crypto News

More from 

Crypto News


View All

Join Our Newsletter and Get the Latest
Posts to Your Inbox

No spam ever. Read our Privacy Policy
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.