After conducting an investigation into the recent $160 million exploit of Wintermute, digital assets firm Amber Group said it was able to repeat the full attack vector.

Amber said it recalculated the private key of the address that market-making firm Wintermute had used. It also signed a transaction from Wintermute's hacked address and left an on-chain message to prove its claim. 

In its analysis of the hack, Amber said that it took the firm only two days to crack the private key with the help of a MacBook M1 computer. To do this, the firm launched a brute force attack that extracted the seed phrase (or private key) to then unlock funds held in Wintermute's address

“We have reproduced the recent Wintermute hack. Figured out the algorithm to build the exploit. We were able to reproduce the private key on a MacBook M1 with 16G memory in <48h,” Amber Group noted  in a tweet.

On Sept. 20, crypto market-making firm Wintermute was hacked for $160 million from its Ethereum vault. The vault relied on an admin address, which was targeted to extract the private key to move the funds.

Wintermute’s hacked admin account was a “vanity address,” a type of crypto address containing identifiable names or numbers within them — or which have a particular style — and can be generated using certain online tools including Profanity. Security analysts at 1inch found that private keys of vanity addresses generated with Profanity could be calculated by malicious hackers to steal funds.

Several days after the exploit of Wintermute, Amber decided to conduct its own investigation. The firm went on to determine that it too could extract the private key belonging to Wintermute’s vanity address and estimate the hardware and time requirements to crack the address generated by Profanity.

In its independent analysis, Amber explained that Profanity relied on a particular elliptic curve algorithm to generate large sets of public and private addresses that had certain desirable characters. The Profanity tool created millions of addresses per second and searched for the desired letters or digits that were requested by users as custom wallet addresses. Still, the process used to generate those addresses lacked randomness, and private keys could be reverse-calculated with GPUs.


“We figured out how Profanity divides the job on GPUs. Based on that, we can efficiently compute the private key of any public key generated by Profanity. We pre-compute a public key table, then do reverse computation until we find the public key in the table,” Amber said.


This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.