Wintermute's digital assets were worth $160 million. CEO Evgeny Gaevoy claimed the attackers targeted DeFi private trading, which is "separate and independent" from CeFi and OTC.
"The assault occurred on our DeFi wallet, which is distinct from our CeFi and OTC businesses. Both Cefi and Defi's internal systems and data are unaffected, he noted.
Gaevoy stated the assault was "possibly tied" to the DeFi wallet's Profanity vulnerability. "We used profanity and an internal tool to produce zero-filled addresses."
Our motivation was gas optimization, not "vanity," he said, adding that the staff last produced such addresses in June.
"We've switched to a safer key-generation script." We hastened the "old key" retirement after learning about Profanity last week, Gaevoy said.
Despite the breach's damage, Gaevoy assured Wintermute clients' monies remain secure. "There's twice as much equity remaining," says the business.
Thieves took 90 tokens, including USDC and USDT.