$160 million stolen from crypto market maker Wintermute

The CEO of Wintermute has stated that they are “open” to treating the hack as a white hat hack and would speak to the attacker.

Wintermute, a cryptocurrency market maker based in the United Kingdom, became the latest victim of decentralized finance (DeFi) hacks for approximately $160 million, according to Evgeny Gaevoy, the company’s founder and CEO.

According to Etherscan, over 70 different tokens have been transferred to “Wintermute exploiter,” including $61,350,986 in USD Coin (USDC), 671 Wrapped Bitcoin (wBTC), which is roughly $13,030,061, and $29,461,533 Tether (USDT). The largest token sum appears to be USDC. 

The company’s over-the-counter and centralized finance operations were not affected, as the hacker(s) drained funds from its DeFi operations. Gaevoy stated that the market maker is solvent with twice over the stolen amount in equity left, stressing that users’ funds are safe. 

Wintermute is an algorithmic market maker working with digital assets such as cryptocurrencies. The group is a registered company in the United Kingdom, located in Cheshire, and regulated by the Financial Conduct Authority. According to Companies House, Evgeny Gaevoy is Director with “more than 25%, but not more than 50%” shares.

In the short, ongoing tweet thread, the Dutch national suggested that the hack could be treated as a white-hat hack. The perpetrator may contact Wintermute to share the vulnerabilities they discovered to avoid repeat hacks in the future.

Related: Polygon CSO blames Web2 security gaps for recent spate of hacks

White hat hacks are common in crypto.  Exchanges, market markers and sometimes companies reward hackers bounties in the form of cash or job positions. As the Ether address for the Wintermute Exploiter is public, the address has been spammed by crypto enthusiasts, stating messages like “plz give. I’m very poor. Even $5k would be amazing.”

Cointelegraph has reached out to Wintermute for a response and will update when possible.