The $160 million Wintermute hack caused chaos in the market. While the crypto market maker remained calm, the rest of the community began putting forward conjectures about the attack. Several even suggested that this was an inside job. Earlier this week, James Edwards wrote a detailed report on how an internal member could have hacked the platform. However, BlockSec, a prominent security firm, did not seem to agree with this theory.
Edwards's report focused primarily on the compromised Wintermute smart contract as well as the stablecoin transactions. BlockSec suggested that the accusation wasn’t as concrete as the author contended.
In his elaborate report, Edwards alleges that carrying out the exploit on the smart contract entailed admin access. BlockSec called Edwards out for not presenting evidence of this in his report. BlockSec's report read,
“The report just looked up the current state of the account in the mapping variable _setCommonAdmin, however, it is not reasonable because the project may take actions to revoke the admin privilege after knowing the attack.”
It should be noted that Wintermute decided to revoke admin privileges right after the attack came to light.
What about the 13 million USDT transferred post-Wintermute hack?
The report that alleges the Wintermute hack was an inside job pointed to the transfer of 13.48 million USDT. This further heightened Edwards’s suspicion, as it occurred just two minutes after the smart contract was exploited.
BlockSec, however, dismissed this and noted that the hacker could have been using bots in this scenario. The security firm added,
“However, it is not as plausible as it claimed. The attacker could monitor the activity of the transferring transactions to achieve the goal. It is not quite weird from a technical point of view. For example, there exist some on-chain MEV-bots which continuously monitor the transactions to make profits.”
Additionally, Wintermute has been mum about the situation, but it has affirmed that the firm wasn’t insolvent.