According to Gaevoy, the firm is financially solvent and has more than double the amount of the stolen monies in equity. Clients who had a market-making arrangement with Wintermute would not lose money, but the service would be affected for a few days until the issue was resolved, according to the CEO.
Though the actual method of attack is unknown, Blockworks said that the assault might have been carried out by exploiting a newly discovered weakness in vanity wallet addresses produced by a program called Profanity. Ethereum addresses are made up of 40 hexadecimal characters that are normally random — however, programs exist to produce a vast number of alternative addresses until one that has a certain desired sequence, such as a phrase or name, is identified.
