
Wintermute
Hacked · Infrastructure · ✝ 2022
A vanity address gambled away ~$160M to a brute-force attacker.
Wintermute is an algorithmic crypto market maker whose DeFi operations were drained of roughly $160M in September 2022. The attacker exploited a private key generated by the Profanity vanity-address tool: Profanity seeded its key generation with only 32 bits of randomness, so the full set of keys it could ever produce was small enough to enumerate on commodity GPUs, and a public address could be matched back to its private key.
- Peak: ~$160M stolen
- Cause: Hacked
- Year of death: 2022
☠️ Cause of death
A hot wallet whose key came from a Profanity vanity address sat inside a brute-forceable keyspace; the attacker recomputed the private key from the public address alone and swept the funds.
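To show why a small seed is fatal, here is an added example (not code from the page, from Wintermute, or from the Profanity project) that models the failure: a key generator whose entire output is a deterministic function of one small seed, next to one that draws 32 bytes straight from the OS. The address derivation is a SHA-256 stand-in for the real secp256k1-plus-keccak path, an assumption made to keep the script dependency-free; the seed width is shrunk to 16 bits so the search finishes in seconds, but the loop is the same one an attacker runs over 2^32 seeds.

```python
import hashlib
import os
import random
from typing import Optional

# Assumption: a toy address function. Ethereum derives the address from the
# secp256k1 public key with keccak-256; SHA-256 of the private key stands in
# here because the lesson only needs "address is a public function of key".
def toy_address(priv_key: bytes) -> str:
    return hashlib.sha256(priv_key).hexdigest()[:40]

def weak_keygen(seed: int) -> bytes:
    """Modelled weak generator (not Profanity's own code): the 32-byte key is a
    deterministic function of a single small seed, so the number of distinct
    keys it can ever emit is bounded by the seed space, not by 2^256."""
    rng = random.Random(seed)          # deterministic PRNG, fully fixed by seed
    return rng.getrandbits(256).to_bytes(32, "big")

def strong_keygen() -> bytes:
    """Proper generation: 256 bits straight from the OS CSPRNG."""
    return os.urandom(32)

def recover_seed(target_address: str, seed_bits: int) -> Optional[int]:
    """Brute-force the seed space, regenerating each candidate key and
    comparing its address to the victim's public address. Returns the seed
    (and therefore the private key) on a hit, None if the address is not
    in the weak keyspace."""
    for seed in range(1 << seed_bits):
        if toy_address(weak_keygen(seed)) == target_address:
            return seed
    return None

def keyspace_size(seed_bits: int) -> int:
    """Distinct keys a seed-bound generator can produce: 2^seed_bits."""
    return 1 << seed_bits

if __name__ == "__main__":
    # Constructed victim: a wallet whose key came from the weak generator.
    victim_seed = 0xBEEF
    victim_addr = toy_address(weak_keygen(victim_seed))
    found = recover_seed(victim_addr, 16)
    print("weak wallet: seed recovered =", found == victim_seed,
          "key =", weak_keygen(found).hex())

    # A properly generated key is not in the enumerable space.
    strong_addr = toy_address(strong_keygen())
    print("strong wallet: seed recovered =", recover_seed(strong_addr, 16))
    print("keys reachable from a 32-bit seed:", keyspace_size(32))
```

The work factor is what matters: enumerating 2^32 seeds is roughly four billion key derivations, hours on a GPU rig, whereas a 32-byte key from the OS has no seed to enumerate at all. Any key that came out of a seed-bound generator should be treated as already known to an attacker and rotated, which is exactly the position Wintermute's hot wallet was in.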
📓 Lessons left behind
- Never secure operational funds with keys from a vanity-address generator; treat any such key as compromised and rotate it.
- Weak key entropy is a single point of catastrophic failure: every control downstream of the key inherits it.
- Move signing authority behind multisig and cold storage so no one hot key can drain the treasury.
🌱 The idea that survived
Secure key generation
Pushed the industry to treat vanity-generated keys as compromised and to keep signing authority behind high-entropy keys held in hardware wallets and multisigs.
#custody #private-key #vanity-address