Decentralised exchange aggregator 1inch has reportedly given a warning to cryptocurrency investors post identification of a vulnerability in Profanity, an Ethereum (ETH) vanity address generating tool, as hackers stole $3.3 million worth of cryptocurrencies, according to Cointelegraph.
As reported by Cointelegraph, on September 15, 1inch unveiled that there’s lack of safety with Profanity usage on account of using a 32-bit vector to seed 256-bit private keys. Further investigations showed the presence of ambiguity with regard to creation of vanity addresses, suggesting the Profanity wallets were confidentially hacked. A follow-up investigation by blockchain investigator ZachXBT stated the exploit of the vulnerability which allowed hackers to conduct the draining of $3.3 million in cryptocurrencies.
On the basis of information by Cointelegraph, ZachXBT helped a user save over $1.2 million in cryptocurrencies and non-fungible tokens (NFTs) post alerting them about the hacker who had access to the user’s wallet. However, hackers have shown the behaviour of targeting bigger wallets before moving over to wallets having lesser value. Users owning wallet addresses created by Profanity tool have been given the suggestion of transferring all of their assets through a different wallet, by 1inch.
Moreover, Cointelegraph noted that while some hackers look for a traditional method of stealing cryptocurrency funds after accessing their cryptocurrency wallets, others try to innovate different ways to try investors into sharing their private keys. Recently, one of the scams concerning the hacking of a YouTube channel for playing fake videos of Elon Musk discussing cryptocurrencies happened. On September 3, the South Korean government’s YouTube channel was briefly hacked and renamed for sharing live broadcasts of cryptocurrency-oriented videos. ID and password of the YouTube channel were considered as the reasons behind the hack.
(With insights from Cointelegraph)