The blockchain security firm BlockSec has debunked a conspiracy theory alleging the $160 million Wintermute hack was an inside job, saying the evidence used for the allegations is “not convincing enough.”.
Earlier this week, cyber detective James Edwards published a report alleging that the Wintermute smart contract exploit was likely carried out by someone with inside knowledge of the firm, questioning activity related to the compromised smart contract and two stablecoin transactions in particular..
Since then, BlockSec has reviewed the claims in a Wednesday post on Medium, suggesting that the “Wintermute project accusation is not as strong as the author claimed”adding in a tweet:
“Our analysis shows that the report is not convincing enough to indict the Wintermute project.”
In Edward’s original post, he essentially drew attention to how the hacker was able to enact so much chaos in the exploited Wintermute smart contract that he “allegedly had admin access”, despite showing no evidence to have administrator capabilities during your analysis.
BlockSec was quick to debunk the claims, outlining that “the report only looked for the current account state in the _setCommonAdmin mapping variablehowever, is unreasonable because the project may take action to revoke admin privilege after learning of the attack.”
Our analysis shows that the report is not convincing enough to accuse the Wintermute project.
— BlockSec (@BlockSecTeam) September 27, 2022
Our brief analysis of the Wintermute project indictment: https://t.co/6Lw6FjUrLp@wintermute_t @evgenygaevoy @librehash @WuBlockchain @bantg. Our analysis shows that the report is not convincing enough to indict the Wintermute project.
He pointed to Etherscan transaction details showing that Wintermute had removed admin privileges once he became aware of the hack.
Edwards also questioned why Wintermute had $13 million worth of Tether (USDT) transferred from two or his accounts on two different exchanges to his smart contract just two minutes after it was compromised.suggesting that it was foul play.
Addressing this, BlockSec argued that this is not as suspicious as it seems, as the hacker could have been monitoring Wintermute to make transactions, possibly via bots, to take advantage of the situation:
“However, it is not as plausible as claimed. The attacker was able to monitor the activity of the transfer transactions to achieve the objective. It is not at all strange from a technical point of view. For example, there are some on-chain MEV bots that continuously monitor transactions for profit.”
As already stated in the first Cointelegraph article on the matter, Wintermute has strongly refuted Edwards’s claims and has asserted that his methodology is riddled with inaccuracies..
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the full amount invested may be lost. The services or products offered are not aimed at or accessible to investors in Spain.