Crypto of nearly $1 million stolen through vanity address exploit

Date:

- Advertisement -

The hacker managed to steal 732 ETH worth around $950,000 and transferred it to the Tornado Cash mixer.

Another vanity wallet address has been added to the list of DeFi victims, who have altogether lost more than $1.6 billion in 2022 due to hacks and attacks that continue to plague the industry of decentralised finance (DeFi).

According to a warning issued by blockchain security company PeckShield, a hacker was identified after taking 732 Ether (ETH), worth roughly $950,000, from an account created using the Profanity Ethereum vanity wallet address generator. The exploiters transferred the cryptocurrency to the recently authorised crypto mixer Tornado Cash after emptying the wallet.

Vanity addresses are created cryptocurrency wallet addresses that are customised to contain words or particular characters preferred by the owner. However, the security of vanity addresses is still in doubt, as shown by recent vulnerabilities.

Decentralized exchange (DEX) aggregator 1inch Network alerted community members earlier in September that addresses generated with profanity were not secure. The DEX urged cryptocurrency owners with vanity addresses to move their holdings right away.

Crypto of nearly $1 million stolen through vanity address exploit

The vanity address generator is unsafe, according to 1inch, because it seeded 256-bit private keys with a random 32-bit vector.

Following the DEX aggregator’s warnings, blockchain researcher ZachXBT revealed that some hackers had already been able to steal $3.3 million worth of cryptocurrency via an exploit of the Profanity flaw.

The UK-based cryptocurrency market maker had an exploit on September 20 that cost it $160 million. Ajay Dhingra, a researcher, speculates that the vulnerability may have resulted from the firm’s hot wallet being compromised and used to manipulate a smart contract flaw.

The CEO and creator of the company, Evgeny Gaevoy, issued a request to the attackers to get in touch if they are interested in treating the flaw as a white hat hack.

- Advertisement -
Mufasa
Mufasa
Mufasa is the lead writer at CryptoMufasa who likes to share all the latest info on the crypto world with you! Mufasa Enjoys enjoys a good read and recommendations so don't forget to comment on the posts and let him know.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

More like this
Related

Kraken Settles With The SEC And Is Fined $362k For Violating U.S Sanctions on Iran

Kraken voluntarily agreed to pay a fine after the...

OKX released a proof-of-reserves page, offering instructions on how to self-audit its reserves

Cryptocurrency exchange OKX has released a proof-of-reserves page allowing...

500 million Whatsapp numbers are being auctioned off by Dark Web hackers

As hackers are selling as most updated mobile phone...

UK bank Starling restricts crypto-related purchases

Starling has banned customers from purchasing digital currencies with...