profanity

ChainCatcher news, a hacker known as "0x9731F" has once again profited nearly 1 million dollars in ETH through the Ethereum "Vanity Address" vulnerability. It is reported that the hacker used a tool called "Profanity" to generate Ethereum "Vanity Addresses," employing methods very similar to the previous $160 million attack on the market maker Wintermute.According to data disclosed by PeckShield, the hacker stole 732 ETH on September 25 and then directly transferred the funds to a mixer.However, after the attack, the Profanity developers have taken measures to ensure that no one continues to use the tool. The relevant code has been placed in a non-compilable state and is not set to receive further updates, and the repository has been archived. (Source link)

ChainCatcher news, the SlowMist security team analyzed the attack incident on the Wintermute wallet and found the following information:Wintermute stolen smart contract: 0x00000000ae347930bd1e7b0f35588b92280f9e75, Wintermute stolen EOA wallet: 0x0000000fe6a514a32abdcdfcc076c85243de899b, attacker address: 0xe74b28c2eAe8679e3cCc3a94d5d0dE83CCB84705, attacker smart contract: 0x0248f752802b2cfb4373cc0c3bc3964429385c26The reason for the theft may be that the stolen Wintermute EOA wallet was created using Profanity to generate a vanity address (starting with 0x0000000). Previously, the decentralized exchange aggregator 1inch released a security disclosure report, claiming that certain Ethereum addresses created using a tool called Profanity have serious vulnerabilities.

ChainCatcher news, a hacker exploited a vulnerability in Profanity to steal $3.3 million in assets from multiple Ethereum addresses created through Profanity. Launched in 2017, Profanity is a tool that allows Ethereum users to generate vanity addresses, which are customized wallets containing recognizable names or numbers.Previous report, 1inch released a security disclosure report last week, claiming that certain Ethereum addresses created using a tool called Profanity have serious vulnerabilities. The address generation method of Profanity is insecure, and the keys linked to public addresses can be calculated through brute force attacks. Users who generated addresses using Profanity are advised to transfer their assets to new wallets. (The Block)

ChainCatcher news, the decentralized exchange aggregator 1inch has released a security disclosure report claiming that certain Ethereum addresses created using a tool called Profanity have serious vulnerabilities. The flaw may have allowed hackers to secretly steal tens of millions of dollars from Profanity users' wallets over the past few years. 1inch believes that the address generation method of Profanity is insecure and that keys linked to public addresses can be calculated through brute force attacks. They recommend that users who generated addresses using Profanity transfer their assets to new wallets. Profanity, launched in 2017, is a tool that allows Ethereum users to generate "vanity addresses," which are customized wallets containing recognizable names or numbers. (The Block)