A hacker managed to get away with 732 ETH worth around $950,000 from a crypto wallet.
Interestingly, blockchain security firm PeckShield revealed that the theft was carried out via the same vanity address hack connected to the UK-based crypto market maker Wintermute.
On-chain data suggested that the hacker moved the stolen funds to the OFAC-sanctioned crypto mixing tumbler Tornado Cash.
The latest exploit comes days after decentralized finance aggregator 1inc first discovered a severe vulnerability in the Profanity tool and stated that user funds are at risk of loss following a potential exploit.
Launched in 2017, Profanity is a tool designed to enable Ethereum users to create “vanity addresses,” which are essentially custom crypto wallets with identifiable names or numbers within them.
As per 1inch’s report, the vanity address generator uses a random 32-bit vector to seed 256-bit private keys, thereby making it unsafe.
The Profanity address generator was abandoned by its developers a few years ago after detecting fundamental security issues in the generation of private keys.
Shortly after the security report by 1inch, a hacker stole $3.3 million worth of cryptocurrencies from several Ethereum addresses generated with the tool last week.
The Wintermute exploit came next, wherein perpetrators compromised decentralized finance operations while the centralized finance and over-the-counter verticals were safe.
As per the report, more than $162k was stolen in over 13 transactions. The exploit was speculated to have transpired from a brute force attack on the Profanity wallet.
The post Profanity Exploit Continues as Hackers Drain Another 732 ETH From Crypto Wallet appeared first on CryptoPotato.