A hacker has siphoned off a wallet on the Ethereum blockchain. The attacker took advantage of a recently identified security flaw. The funds of many investors are likely to be in great jeopardy.
A hacker has taken over $950,000 worth of ether (ETH) siphoning a purse digital, inform our colleagues of The block. The attack was detected by PeckShield, a company specializing in computer security. The operation took place on Sunday, September 25, 2022.
#PeckShieldAlert It appears that 0x9731F stole $950k worth of Ethereum crypto “vanity address” generated with a tool called Profanity. The operator already transferred ~732 $ETH in mixer pic.twitter.com/QOZfnE49H4
—PeckShieldAlert (@PeckShieldAlert) September 26, 2022
At the end of the attack, the pirate disappeared with a loot of 732 ETH. The stolen funds were transferred to Tornado Cash, a famous cryptocurrency mixing service. It allows cybercriminals to cover their tracks by making all digital currency transactions anonymous. After going through a mixer, authorities can theoretically no longer trace the stolen cryptocurrencies. After mixing them with other tokens, the cryptocurrencies were withdrawn to an unknown digital wallet belonging to the perpetrator, according to PeckShield.
Also read: how 44 crypto platforms were allegedly compromised by malicious code
A flaw already exploited by hackers
The hacker behind the exploited attack a flaw identified within Profanity, a custom address generator on the Ethereum blockchain. By exploiting this vulnerability, it is possible to deduce the private key of a wallet from just the address on the blockchain. In the end, all it takes is a simple brute force attack to take complete control of an Ethereum wallet.
As a reminder, the Blasphemy glitch has already allowed cybercriminals to steal money stored in Wintermutea “market maker” or cryptocurrency market maker. In fact, pirates have managed to steal $160 million in crypto assets thanks to noncompliance.
A few weeks earlier, investors lost more than $3.3 million due to vulnerability. Many Ether holders are also likely to be affected by this security flaw. Therefore, other hacks could be quickly orchestrated. Users who used Profanity to generate their Ethereum address are advised to urgently transfer all their assets to a new wallet.
This new trick adds to the many hacks recorded since January 2022. As analytics firm Chainalysis reports, hacks are getting more and more lucrative. Between January and June 2022, hackers made $700 million more than the previous year. Among the most notable hacks are the flight of 8,000 wallets on the block chain Solarium.
The block