Wintermute lost $160 million in September 2022. The CEO and founder, Evgeny Gaevoy, tweeted about a hack targeting the company’s decentralized finance (DeFi) business and disclosed a loss of $160 million.
Despite there being no impact on the company’s loan or OTC services, CEO Evgeny Gaevoy said that there is still “twice over” $160 million in stock available, indicating that the firm is still sustainable.
The usage of Wintermute’s smart contracts, which were later exploited, according to author Librehash, “shows the hack was carried out by an internal party,” according to an analysis of the incident published on September 26.
BlockSec debunks Wintermute’s inside job theory
A conspiracy idea that the $160 million Wintermute breach was an inside job has been refuted by blockchain security company BlockSec, which notes that the supporting information is “not persuasive enough.”
Cyber investigator James Edwards published a report earlier this week questioning activity surrounding the compromised smart contract and two stablecoin transactions, in particular, alleging Wintermute.
After reviewing the accusations, BlockSec said on Wednesday on Medium that “the accusation of the Wintermute project is not as strong as the author stated.” The company also stated the report is not convincing enough to accuse Wintermute.
In Edward’s initial article, he basically drew attention to how the hacker was able to inflict such havoc on the hacked Wintermute smart contract, which “allegedly had admin access,” while providing no indication of admin skills throughout his investigation.
The assertions were quickly refuted, however, by BlockSec, which stated that “the report only looked up the current state of the account in the mapping variable _setCommonAdmin, but it is not rational because the project may take measures to remove the admin power after learning the attack.”
Edwards also raised suspicions of foul play when he questioned why the platform had Tether (USDT) worth $13 million moved from two of their accounts on two distinct exchanges to their smart contract barely two minutes after it had been hacked.
BlockSec responded by saying that this is not as suspicious as it would seem since the hacker might have been keeping an eye on the platform’s transferring transactions using bots before jumping in.
