CRYPTO NEWS

Hacker steals $3.3 million using Profanity’s vanity Ethereum addresses

Since the crypto industry expanded its growth, it has become the favorite place for hackers to commit exploits. The Ethereum vanity addresses generated via the Profanity tool have now become the latest loophole to dupe millions of crypto users.

As per the market insights provider firm, Etherscan, Ethereum custom addresses created via the Profanity tool have been breached by a hacker who stole almost $3.3 million from several custom ETH addresses.

Related Reading: Crypto Trading Firm Wintermute Has Suffered $160 Million Hack

ZachXBT, an expert tracking the hacker’s activity, first detected and informed about the breach that began on September 16. The anonymous sleuth also preserved a user’s NFTs worth $1.2 million who moved his assets from vanity addresses after being informed.

Vanity addresses are something like a golden number of vehicles for which riders pay high in an attempt to show off. Likely, vanity addresses involve one’s name or desired info to appear as a distinguished address created via tools like Profanity. 

1Inch Exposed Profanity’s Vulnerabilities Before Exploit

It is worth noting that decentralized exchange aggregator 1Inch, who previously suggested using the tool, informed the community before the hack that vanity addresses pose higher vulnerabilities. In the report published last week, the firm suggested users move their funds from wallet addresses made using Profanity.

1Inch said that Profanity became a prominent tool to generate millions of addresses in one second, and the wider crypto community was using it. But, then, 1Inch’s contributors detected used procedure was not flawless and open to exploitation.

Experts noted that the tool’s procedure uses a 32-bit vector for generating 256-bit code, so-called private keys. And this process was recognized as unsafe in the report. The report reads;

The 1inch contributors checked the richest vanity addresses on popular networks and came to the conclusion that most of them were not created by the Profanity tool. But Profanity is one of the most popular tools due to its high efficiency. Sadly, that could only mean that most of the Profanity wallets were secretly hacked.

Ethereum’s price is currently trading above $1,300. | Source: ETHUSD price chart from TradingView.com
Hacker Cashed Out Stolen Money After 1Inch’s Report

The hacker drained money from the targeted wallet addresses immediately after the 1Inch report exposed the vulnerabilities, per ZachXBT. The hacker then moved stolen funds to a new Ethereum address.

Tal Be’eryBe’ery, chief technology office and security head at ZenGo, commented on the breach;

“Seems like the attackers were sitting on this vulnerability, trying to find as many private keys as possible of vulnerable Profanity-generated vanity addresses before the vulnerability gets known. Once publicly exposed by 1inch, the attackers cashed out in a few minutes from multiple vanity addresses.”

Related Reading: Bearish Crypto Market Sentiment Sends Investors Back To Stablecoins

Additionally, a Profanity developer also warned users about the vulnerabilities he found in the code a few years ago. The developer highlighted the issues on GitHub and abandoned the project by revealing the current state of the tool is unsafe to use.

Featured image from Pixabay and chart from TradingView.com

GBTC Reaches All-Time Low Discount of -35%

Shares of the Grayscale Bitcoin Trust (GBTC) have never been cheaper relative to the value of the company’s underlying Bitcoin holdings. The GBTC discount has gone below 35% again for the first time since June. While the company’s holdings per share are worth $17.27, the market value of each share is only $11.18.  Figures for::Listen

Shares of the Grayscale Bitcoin Trust (GBTC) have never been cheaper relative to the value of the company’s underlying Bitcoin holdings.

The GBTC discount has gone below 35% again for the first time since June. While the company’s holdings per share are worth $17.27, the market value of each share is only $11.18. 

  • Figures for calculating the discount are publicly available on Grayscale’s website. As is displayed, GBTC share prices were down 4.77% on Monday, versus a mere 2.54% daily drop in the value of its holdings per share. 
  • Specifically, the Trust’s net asset value rests at $11.9 billion – about 635,000 Bitcoin. Meanwhile, its total share value is just $7.74 billion.
  • GBTC is a Bitcoin Trust designed to give investors exposure to Bitcoin’s price. However, unlike an exchange-traded fund (ETF), shares of GBTC are not easily created or destroyed. This makes it difficult for its price movements to respond to that of its underlying Bitcoin, thus creating discrepancies. 
  • The last time GBTC was this low was in June, shortly after the Securities and Exchange Commission (SEC) rejected Grayscale’s application to transition into a Bitcoin Spot ETF. Grayscale has since sued the commission. 
  • One of Grayscale’s primary arguments for approving the transition has been to erase its trading discount. This would bring a roughly 50% value boost to GBTC holders if ever approved. 
  • The SEC argues that it can only approve such a product if Grayscale enters a “surveillance-sharing agreement with a regulated market of significant size related to the underlying or reference bitcoin assets.”
  • Grayscale filed last week to reward the holders of its Ethereum products with an ETHPoW cash disbursal. 

The post GBTC Reaches All-Time Low Discount of -35% appeared first on CryptoPotato.

Hacker steals $3.3 million using Profanity’s vanity Ethereum addresses

Shopping cart
There are no products in the cart!
Continue shopping
0