{"id":497560,"date":"2022-10-01T00:15:00","date_gmt":"2022-09-30T21:15:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/amber-group-uses-simple-hardware-to-show-just-how-fast-easy-the-wintermute-hack-was\/"},"modified":"2022-10-01T00:15:00","modified_gmt":"2022-09-30T21:15:00","slug":"amber-group-uses-simple-hardware-to-show-just-how-fast-easy-the-wintermute-hack-was","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/amber-group-uses-simple-hardware-to-show-just-how-fast-easy-the-wintermute-hack-was\/","title":{"rendered":"# Amber Group uses simple hardware to show just how fast, easy the Wintermute hack was"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a35fd63ee477\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a35fd63ee477\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/amber-group-uses-simple-hardware-to-show-just-how-fast-easy-the-wintermute-hack-was\/#%E2%80%9D_Amber_Group_uses_simple_hardware_to_show_just_how_fast_easy_the_Wintermute_hack_was_%E2%80%9C\" >&#8221; Amber Group uses simple hardware to show just how fast, easy the Wintermute hack was &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Amber_Group_uses_simple_hardware_to_show_just_how_fast_easy_the_Wintermute_hack_was_%E2%80%9C\"><\/span>&#8221; Amber Group uses simple hardware to show just how fast, easy the Wintermute hack was &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDkvMTE2ZjM1MDUtNDAzYi00ZWJkLThmYjQtMjU0Y2ZiZTE3NTg1LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-6ebd806f>Amber Group has reproduced the recent Wintermute hack, the Hong Kong-based crypto finance service provider <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/medium.com\/amber-group\/exploiting-the-profanity-flaw-e986576de7ab\">announced<\/a> on its blog. The process was fast and simple, and used hardware easily accessible to consumers. Wintermute lost over $160 million in a private key hack on Sept. 20.<\/p>\n<p>Reproducing the hack can help \u201cbuild a better understanding of the attack surface spectrum across Web3,\u201d Amber Group said. It was only hours after the hack of UK-based crypto market maker Wintermute was revealed that researchers were able to pin the blame for it on the Profanity vanity address generator. <\/p>\n<p>One analyst suggested that the hack had been an inside job, but that conclusion was rejected by Wintermuteand others. The Profanity vulnerability was already known before the Wintermute hack.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">classy<\/p>\n<p>\u2014 wishful cynic (@EvgenyGaevoy) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/EvgenyGaevoy\/status\/1574893566437957632?ref_src=twsrc%5Etfw\">September 27, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nAmber Group was able to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/tx\/0x2b64b221b1a9869fa08d09c5fe2236baee37332b473589f8f90f07ea2ccb2e6b\">reproduce<\/a> the hack in less than 48 hours after preliminary setup that took less than 11 hours. Amber Group used a Macbook M1 with 16GB RAM in its research. That was far speedier, and used more modest equipment, than how a previous analyst had estimated the hack would play out, Amber Group noted. <\/p>\n<p><strong><em>Related:\u00a0The impact of the Wintermute hack could have been worse than 3AC, Voyager and Celsius \u2014 Here is why<\/em><\/strong><\/p>\n<p>Amber Group detailed the process it used in the re-hack, from obtaining the public key to reconstructing the private one, and it described the vulnerability in the way Profanity generates random numbers for the keys it produces. The group notes that its de<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">script<\/a>ion \u201cdoes not purport to be complete.\u201d It added, repeating a message that has often been spread before:<\/p>\n<blockquote><p>\u201cAs well documented by this point \u2014 <strong>your funds are not safe if your address was generated by Profanity\u00a0<\/strong>[\u2026] Always manage your private keys with caution. Don\u2019t trust, verify.\u201d<\/p><\/blockquote>\n<p>The Amber Group blog has been technically oriented from its inception, and has addressed security issues before. The group achieved a $3-billion valuation in February after a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/watch-movies-tv-seriess\/\" data-internallinksmanager029f6b8e52c=\"8\" title=\"Watch Movies &amp; TV Series\" target=\"_blank\" rel=\"noopener\">Series<\/a> B+ funding round.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/p>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/amber-group-uses-simple-hardware-to-show-just-how-fast-easy-the-wintermute-hack-was\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Amber Group uses simple hardware to show just how fast, easy the Wintermute hack was &#8220; Amber Group has reproduced the recent Wintermute hack, the Hong Kong-based crypto finance service provider announced on its blog. The process was fast and simple, and used hardware easily accessible to consumers. Wintermute lost over $160 million in&#8230;<\/p>\n","protected":false},"author":1,"featured_media":497561,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDkvMTE2ZjM1MDUtNDAzYi00ZWJkLThmYjQtMjU0Y2ZiZTE3NTg1LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74868,74882,80098],"class_list":["post-497560","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-defi","tag-hacks","tag-private-keys"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/497560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=497560"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/497560\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/497561"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=497560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=497560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=497560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}