Hackers drain yet another wallet with profanity exploit.
About $950K worth of ETH was taken from a crypto wallet recently as the theft was carried out via the same vanity address hack connected to Wintermute. Wintermute fell victim to hacking last week and that platform lost $160 million. This is also the same type of technique that was used to drain 3.3 million from another wallet as well.
A vanity address is an address of crypto which is personalized and created respecting certain parameters given by the users of the addresses. This makes them more personal and easily identifiable without giving up any security, or at least that is the premise. The address is able to be created using a name, a brand, or a special word. They are generated by generating a private key which will then be used to derive a public one.
The public key will then be used to generate a Bitcoin address which will then be verified to see if it meets the vanity pattern that is being sought. Vanity addresses are generated either personally and privately, using computer equipment and appropriate programs which requires a bit of know-how technically or using an online service to create it, which is less secure or reliable. Profanity is an Ethereum Vanity address tool that is used to create vanity addresses for users without the technical know-how to create one themselves.
Data on-chain suggests the stolen funds were then moved to Tornado Cash. The crypto mixing platform has recently been placed under sanctions by the United States Treasury with anyone in the states using it being susceptible to major fines or even long jail time if discovered. 1inch has initially warned users of the vanity address vulnerability in a security report made only a week ago.
In the report 1inch noted how popular Profanity was and the findings discovered after further investigation
“The 1inch contributors checked the richest vanity addresses on popular networks and came to the conclusion that most of them were not created by the Profanity tool. But Profanity is one of the most popular tools due to its high efficiency. Sadly, that could only mean that most of the Profanity wallets were secretly hacked.”
Profanity was developed in 2017 but the address generator was abandoned by its developers a few years ago after they detected fundamental security issues in the generation of private keys. The platform uses a 32-bit vector when seeding its 256-bit private keys and that is just unsafe according to developers. The tool has been used to steal $33 million hours later despite the warning of 1inch. The blockchain investigator ZachXBT was able to locate the theft.
The wintermute exploit came after the $33 million heist as the company maintains the network is solvent and the CEO of the company choosing to believe this is the work of a whitehat hacker.