Tuesday 4 October 2022
Home / none / Profanity tool vulnerability drains $3.3M despite 1Inch warning

Profanity tool vulnerability drains $3.3M despite 1Inch warning

Decentralized exchange aggregator 1inch Network issued a warning to crypto investors after identifying a vulnerability in Profanity, an Ethereum (ETH) vanity address generating tool. Despite the proactive warning, apparently, hackers were able to make away with $3.3 million worth of cryptocurrencies.

On Sept. 15, 1Inch revealed the lack of safety in using Profanity as it used a random 32-bit vector to seed 256-bit private keys. Further investigations pointed out the ambiguity in the creation of vanity addresses, suggesting that Profanity wallets were secretly hacked. The warning came in the form of a tweet, as shown below.

A subsequent investigation by blockchain investigator ZachXBT showed that a successful exploit of the vulnerability allowed hackers to drain $3.3 million in crypto.

Moreover, ZachXBT helped a user save over $1.2 million in crypto and nonfungible tokens (NFTs) after alerting them about the hacker who had access to the user’s wallet. Following the revelation, numerous users confirmed that their funds were safe, as one stated:

“Wtf 6h after the attack my addresses was still vuln but the attacker didnt drained me? had 55k at risk lol”

However, hackers tend to attack the bigger wallets before moving over to wallets with lesser value. Users owning wallet addresses generated with the Profanity tool have been advised to “Transfer all of your assets to a different wallet ASAP!” by 1Inch.

Related: Law enforcement recovers $30 million from Ronin Bridge hack with the help of Chainalysis

While some hackers prefer the traditional method of draining users’ funds after illegally accessing the crypto wallets, others try out new ways to fool investors into sharing their private keys.

One of the recent innovative scams involved the hacking of a YouTube channel for playing fabricated videos of Elon Musk discussing cryptocurrencies. On Sept. 3, the South Korean government’s YouTube channel was momentarily hacked and renamed for sharing live broadcasts of crypto-related videos.

The compromised ID and password of the YouTube channel were identified as the root cause of the hack.

Original Article

About Jude Savage

Check Also

Ethereum Merge spikes block creation with a faster average block time

The Merge upgrade for Ethereum (ETH), which primarily sought to transition the blockchain into a proof-of-stake (PoS) consensus mechanism, has been revealed to have a positive impact on the creation of new Ethereum blocks. The Merge was considered one of the most significant upgrades for Ethereum. As a result of the hype, numerous misconceptions around cheaper gas fees and faster transactions plagued the crypto ecosystem, which was debunked by Cointelegraph. However, some of the evident improvements experienced by the blockchain post-Merge include a steep increase in daily block creation and a substantial decrease in average block time. Ethereum blocks per day. Source: YChartsOn Sept. 15, Ethereum completed The Merge upgrade after successfully transitioning the network to PoS. On the same day, the number of blocks created daily (EBC) shot up by roughly 18% — from approximately 6,000 blocks to 7100 blocks per day. Ethereum average block time (EBT). Source: YChartsComplementing this move..

Leave a Reply

Your email address will not be published. Required fields are marked *