- The Wintermute exploiter still holds 19 million OP tokens.
- The exploit happened because of an internal error at Wintermute.
The crypto ecosystem has seen all kinds of hacks and scams. However, the Wintermute exploit was one of a kind. Recently, the leading global market maker, Wintermute collaborated with the Optimism Foundation to provide liquidity in OP tokens. The latter, therefore, transferred 20 million tokens to Wintermute.
After the funds for the loan were received, Wintermute made a “serious error.” As explained by the organization, they had a Gnosis safe posted for some time on the mainnet and, due to some internal error, mentioned the same wallet as the receiving address. Therefore, Optimism had to transfer an additional 20 million tokens to carry out the launch the next day. Meanwhile, the Wintermute communicated with the Optimism team and arranged for the retrieval of the funds. It was a high-risk method and could be attempted only once and was scheduled for June 7.
The former was informed that the funds could only be retrieved by them. It turned out to be a false statement as a hacker performed a replay attack and used a previously deployed contract (0xE7145dd6287AE53326347f3A6694fCf2954bcD8A). The team informed, “The hacker then proceeded with selling 1m OP tokens for ETH and withdrew back to L1 via Synapse and Hop bridges to then use tornado cash on mainnet.”
The hacker performed a remarkable exploit as the person could cross the difficulties at both L1 and L2. Therefore, there is still hope that it was a white hat attack and that the funds can still be recovered. The hacker still owns 19 million tokens. The Wintermute team has left a message for the hacker stating that they are open to “consulting opportunities or other forms of cooperation in the future.”