Hacks and exploits continue to plague the decentralized finance (DeFi) sector as another vanity wallet address joins the roster of DeFi victims, which, collectively, have lost more than $1.6 billion in 2022.
In an alert published by blockchain security firm PeckShield, a hacker was detected after stealing 732 Ether (ETH), around $950,000, from an address created at the Ethereum vanity wallet address generator called Profanity. After draining the wallet, the exploiters sent the crypto to the recently sanctioned crypto mixer Tornado Cash.
#PeckShieldAlert Seems like $950k worth of crypto has been stolen by 0x9731F from Ethereum “vanity address” generated with a tool called Profanity. The exploiter already transferred ~732 $ETH into Mixer pic.twitter.com/QOZfnE49H4
— PeckShieldAlert (@PeckShieldAlert) September 26, 2022
Vanity addresses are customized crypto wallet addresses that are generated to include words or specific characters chosen by the owner. However, as pointed out by recent exploits, the safety of vanity addresses remains questionable.
Earlier in September, decentralized exchange (DEX) aggregator 1inch Network warned community members that their addresses were not safe if they we generated using Profanity. The DEX called out crypto holders with vanity addresses to transfer their assets immediately. According to 1inch, the vanity address generator used a random 32-bit vector to seed 256-bit private keys, which means that it lacks safety.
Following the DEX aggregator’s warnings, ZachXBT, a blockchain investigator, haannounced that an exploit of the vulnerability in Profanity has already allowed some hackers to get away with $3.3 million worth of digital assets.
On Sept. 20, the United Kingdom-based crypto market maker suffered an exploit that led to $160 million in losses. According to researcher Ajay Dhingra, the exploit may have been due to the firm’s hot wallet being compromised and manipulating a bug in the smart contract. Evgeny Gaevoy, the firm’s founder and CEO, called out the attackers to get in touch as they are open to treating the exploit as a white hat hack.