Ethereum Users Lost Over $3 Million Due to Name Generator Vulnerability

Article Reading Time:
2 minutes.

A blockchain security specialist under the nickname ZachXBT reported that hackers stole almost $3.3 million from Ethereum users who created human-readable addresses using the Profanity service.

The analyst managed to warn one of the users that attackers hacked his wallet and thereby helped the owner save more than $1.2 million worth of non-fungible tokens (NFTs).  

Previously an aggregator of decentralized financialsystems (DeFi) 1inch Network announced that it has discovered a vulnerability in the addresses of Ethereum users who generated human-readable names through the Profanity service. The analytical service team clarified that the keys to such names can be found by simply selecting combinations of characters.

Profanity service used a 32-bit vectorto populate 256-bit closed encoders. 1inch warned that the exploit makes it possible to steal cryptocurrency worth hundreds of millions of dollars. Co-founder of 1inch Network Anton Bukov
noticed that the vulnerability was likely used in a number of rug pull schemes in 2022. 

Recently the New Free DAO project has been subjected to severalinstant loan attacks, after which the rate of the NFD token fell by 99%. As a result, the project lost about 4,500 BNB worth $1.25 million. At the beginning of the month, the famous American actor and comedian Bill Murray became the victim of a hacker attack: after the closing of the NFT charity auction, the attackers withdrew $185,000 in ETH from the actor’s wallet. According to Elliptic analysts, from July 2021 to July 2022, hackers were able to steal collectible tokens worth over $100 million.