Slow Fog: The possible reason for the theft of Wintermute's $160 million in assets is the use of a vanity wallet created with Profanity

ChainCatcher news, the SlowMist security team analyzed the attack incident on the Wintermute wallet and found the following information:

Wintermute stolen smart contract: 0x00000000ae347930bd1e7b0f35588b92280f9e75, Wintermute stolen EOA wallet: 0x0000000fe6a514a32abdcdfcc076c85243de899b, attacker address: 0xe74b28c2eAe8679e3cCc3a94d5d0dE83CCB84705, attacker smart contract: 0x0248f752802b2cfb4373cc0c3bc3964429385c26

The reason for the theft may be that the stolen Wintermute EOA wallet was created using Profanity to generate a vanity address (starting with 0x0000000). Previously, the decentralized exchange aggregator 1inch released a security disclosure report, claiming that certain Ethereum addresses created using a tool called Profanity have serious vulnerabilities.