A cybercriminal recently stole a significant amount of funds from an Ethereum vanity address, siphoning 732 ETH and transferring it to Tornado Cash. The 1Inch Network warned about Profanity, which they view as unsafe since hackers could discover the private keys to vanity addresses through rough calculations.
Amid increasing violations against DeFi, a cybercriminal attacked another wallet from Ethereum vanity address generator Profanity. The malicious actor took advantage of a weakness in the tool to steal nearly USD 1 million worth of Ether (ETH).
The above situation happened one week after the DEX aggregator 1Inch found the vulnerability in the addresses generated by Profanity.
The Cybercriminal Steals 732 ETH and Transfers It to Tornado Cash
The blockchain security company Peckshield recently reported that a cybercriminal stole a significant amount of funds from an Ethereum vanity address. The thief had siphoned off 732 ETH and transferred it to crypto asset mixer Tornado Cash.
The company said 0x9731F might have stolen USD 950 thousand worth of crypto assets from an Ethereum vanity address. They explained that the hacker transferred around 732 ETH into the above platform.
The 1inch Network Warns that Profanity-Generated Addresses Are Unsafe
Some time ago, the 1Inch Network warned about the vanity address-generating tool Profanity, which features words or characters the owner chooses. The recent onslaught of breaches has caused them to view vanity addresses as unsafe.
While public keys allow the wallet owner to receive crypto assets from other users, private ones prevent unauthorized access.
The notice from 1Inch stated that hackers could discover the private keys to vanity addresses from Profanity through rough calculations.
The platform warned investors that their money was not safe in a wallet address generated with the Profanity tool.
Recent Crypto Asset Thefts Involve the Use of Vanity Addresses
Over a week ago, a cybercriminal drained more than USD 3 million from several Profanity-generated addresses. According to on-chain data, the malicious actor had previously robbed multiple wallets created by the tool.
Shortly after the breach, a Twitter blockchain expert identified the wallet address used by the attacker. However, the criminal had already moved most of the tokens into the liquidity pool Curve.
The ongoing wave of DeFi exploits also affected the leading liquidity provider Wintermute. Its CEO Evgeny Gaevoy announced that a hacker had stolen over USD 160 million through 13 transactions involving 90 assets.
The security firm Blockchain CertiK pointed out that the Profanity wallet might have played a role in the theft. The crypto researcher Ajay Dhingra said that the cybercriminal might have exploited an error in the smart contract for their hot wallet.
Meanwhile, Ether is trading at around USD 1,379 and has accumulated a 5.4% gain over the last 24 hours. While its daily trading volume is above USD 15.85 billion, its market capitalization is about USD 166.29, according to CoinGecko.
Cryptocurrencies play an increasingly relevant role in the economic system worldwide, which cybercriminals know well. That has led companies offering services with those assets to work on their security systems to prevent losing their funds.
By Alexander Salazar
