Wintermute inside job theory 'not convincing enough' —BlockSec

Published at: Sept. 28, 2022

Blockchain security firm BlockSec has debunked a conspiracy theory alleging the $160 million Wintermute hack was an inside job, noting that the evidence used for allegations is “not convincing enough."

Earlier this week cyber sleuth James Edwards published a report alleging that the Wintermute smart contract exploit was likely conducted by someone with inside knowledge of the firm, questioning activity relating to the compromised smart contract and two stablecoin transactions in particular.

BlockSec has since gone over the claims in a Wednesday post on Medium, suggesting that the “accusation of the Wintermute project is not as solid as the author claimed,” adding in a Tweet:

“Our analysis shows that the report is not convincing enough to accuse the Wintermute project.

In Edward’s original post, he essentially drew attention as to how the hacker was able to enact so much carnage on the exploited Wintermute smart contract that “supposedly had admin access,” despite showing no evidence of having admin capabilities during his analysis.

BlockSec however promptly debunked the claims, as it outlined that “the report just looked up the current state of the account in the mapping variable _setCommonAdmin, however, it is not reasonable because the project may take actions to revoke the admin privilege after knowing the attack.”

Our short analysis of the Accusation of the Wintermute Project: https://t.co/6Lw6FjUrLp@wintermute_t @evgenygaevoy @librehash @WuBlockchain @bantg Our analysis shows that the report is not convincing enough to accuse the Wintermute project.

— BlockSec (@BlockSecTeam) September 27, 2022

It pointed to Etherscan transaction details which showed that Wintermute had removed admin privileges once it became aware of the hack.

Edwards also questioned the reasons why Wintermute had $13 million worth of Tether (USDT) transferred from two or their accounts on two different exchanges to their smart contract just two minutes after it was compromised, suggesting it was foul play.

Related: Tribe DAO votes in favor of repaying victims of $80M Rari hack

Addressing this, BlockSec argued that this is not as suspicious as it appears, as the hacker could have been monitoring Wintermute transferring transactions, possibly via bots, to swoop in there.

“However, it is not as plausible as it claimed. The attacker could monitor the activity of the transferring transactions to achieve the goal. It is not quite weird from a technical point of view. For example, there exist some on-chain MEV-bots which continuously monitor the transactions to make profits.”

As previously stated in Cointelegraph’s first article on the matter, Wintermute has strongly refuted Edwards claims, and has asserted that his methodology is full of inaccuracies.

Tags
Related Posts
How do DeFi protocols get hacked?
The decentralized finance sector is growing at a breakneck pace. Three years ago, the total value locked in DeFi was a mere $800 million. By February 2021, the figure had grown to $40 billion; in April 2021, it attained a milestone of $80 billion; and now it stands at above $140 billion. Such rapid growth in a new market could not but attract the attention of all manner of hackers and fraudsters. According to a report by crypto research company, since 2019, the DeFi sector has lost about $284.9 million to hacks and other exploit attacks. Hacks of blockchain ecosystems …
Technology / Aug. 14, 2021
Immunefi partners with Binance Smart Chain on bug bounties to secure BSC projects
Immunefi, a security service outfit that specialized in decentralized finance (DeFi) projects, has inked a collaboration with the Binance Smart Chain. According to a release issued on Friday, Immunefi will work in collaboration with BSC to improve the security of projects on the Binance chain. As part of the partnership, ethical hackers who take part in a campaign to discover vulnerabilities in BSC-based projects will earn rewards. As a security outfit, Immunefi has reportedly paid more than $3 million in bug bounties to ethical hackers. Major BSC protocols such as PancakeSwap, DODO, and Zapper among others are already deploying the …
Blockchain / July 9, 2021
Can Web3 be hacked? Is the decentralized internet safer?
Web3 came into existence posed as a blockchain-powered disruption to the current state of the internet. Yet, as a nascent technology, a fog of assumptions plagues discussions about the real capabilities of Web3 and its role in our day-to-day lives. Considering the promise of a decentralized internet using public blockchains, a complete transition to Web3 would require scrutiny across several factors. Out of the lot, security stands as one of the most crucial features as, in a Web3-powered world, tools and applications hosted over the blockchains go mainstream. Smart contract vulnerabilities While the blockchains that host Web3 applications remain impenetrable …
Adoption / Aug. 21, 2022
Cyber sleuth alleges $160M Wintermute hack was an inside job
A fresh new crypto conspiracy theory is afoot — this time in relation to last week's $160 million hack on algorithmic market maker Wintermute — which one crypto sleuth alleges was an "inside job." Cointelegraph reported on Sept. 20 that a hacker had exploited a bug in a Wintermute smart contract which enabled them to swipe over 70 different tokens including $61.4 million in USD Coin (USDC), $29.5 million in Tether (USDT) and 671 Wrapped Bitcoin (wBTC), worth roughly $13 million at the time. In an analysis of the hack posted via Medium on Sept. 26, the author known as …
Blockchain / Sept. 27, 2022
Projects would rather get hacked than pay bounties, Web3 developer claims
As hacks and exploits continue to go rampant within the crypto industry, the importance of finding vulnerabilities to prevent potential losses becomes of utmost importance. However, a Web3 developer highlighted that it’s not rewarding to do so. In a tweet, a Web3 developer claimed that he found a vulnerability in a Solana smart contract that would have affected several projects and around $30 million in funds. According to the dev, he reported and helped patch the vulnerabilities. However, when it was time to ask for a reward, the projects just started to ignore him. The developer noted that this sends …
Blockchain / Dec. 20, 2022