Compromised Private Keys: Primary Targets and Upcoming Solutions


by @hackless

Compromised private keys can cause serious losses at all levels of DeFi and for all kinds of patrons – whales, developers, and general users. Anyone involved in Defi can deal with this issue. That’s why organizations and individual patrons alike need to be aware of the scale of the problem and of available solutions. 

At Hackless we’re designing a product called Wallet Rescue – a solution that comes in handy when a crypto wallet is hacked and you need to safely migrate funds to a newly created address.

Why is this solution needed and who can benefit from it?

When looking closer at recent hacks that have happened in relation to crypto wallets, we noticed that the primary cause is always compromised private keys – of the platform’s hot wallet, admin’s key, or individual user’s key. We’re diving deeper into this type of exploit and how Hackless’s upcoming Wallet Rescue can be useful!  First, let’s take a look at some cautionary tales.

DeFi projects that were hacked via compromised private keys

1. Ronin network, $624M

In one of the largest hacks in crypto history, Ronin exploit, the keys of 5 of 9 validators were compromised. This was discovered when a customer tried to make a legitimate withdrawal. As the team announced, an attacker had gained ownership over private keys required to authenticate transactions. Bad actors had managed to steal 173,600 ETH and 25.5M USDC to their wallets. 

2. Harmony bridge, $100M

Harmony bridge was drained of $100M via compromised private keys of their multisig. The bridge only needed two validating accounts to approve transactions. The hackers managed to compromise private keys and were able to approve the transfer of funds to their accounts.

3. Raydium, $4.4M

This DEX lost $4.4M in crypto, falling victim to an attacker who managed to exploit a smart contract vulnerability that allowed entire liquidity pools to be withdrawn by admins. The attacker gained control over an admin pool private key and drained LP pools without even having LP tokens. The team is not sure how exactly this private key was obtained, but they assume that a trojan program infected the virtual machine that held the key.

DeFi projects with users’ private keys exposed

1. Wintermute, $160M

The market maker, Wintermute, lost $160M for good, as their hot wallet was compromised via a vanity address created with Profanity. Both Wintermute’s hot wallet and DeFi vault contract seem to have Profanity vanity addresses. The hot wallet’s private key was likely exploited and used to drain the vault. While the security flaw of Profanity-generated addresses had been known to the community for a while, it looks like this wasn’t taken seriously.

2. Slope wallet, $6M

The huge hack of a Solana-based mobile wallet, Slope, impacted over 8,000 unique wallets and resulted in $6M of funds lost. As it turned out, the private key information of users was inadvertently transmitted to a Slope application monitoring service which resulted in exposure. 

Whales & blockchain devs are not immune

While DeFi protocols and project admins are the primary victims of hackers, high-profile crypto users like whales and even blockchain developers are targets too. Why not indeed? Sometimes, the reward can be a lump sum of money, as in the cases outlined below.

1. Bitcoin developer, $3.6M

Even a Bitcoin developer can have trouble keeping keys safe. That’s what happened to Luke Dashjr, an early Bitcoin developer. He lost $3.6M in BTC due to a key hack. Dashjr tweeted that his PGP key was compromised and that he had no idea how it all happened. 

2. GMX whale, $3.5M

The hackers took control of 82,519 GMX tokens that belonged to a high-profile token holder. Further investigation determined that only a single account was impacted, making the likely cause of the theft a compromised private key.  

If DeFi teams and advanced crypto investors cannot secure their assets, does the general public have any hope?

Regular DeFi users are always on the hacker’s radar 

Hackers normally tend to attack bigger wallets, however, individuals are targets too. Let’s see what approaches and tactics hackers invent to compromise individual user wallets: 

  • Malicious airdrops – users receive an email, text, or social media message that a certain coin has been added to their wallet via an airdrop. Then, they are asked to connect their wallet address ro an attacker’s website. Once connected, all their funds are drained.
  • Seed phrase phishing – users are often threatened with account suspension and asked to provide their seed phrases as part of account verification or the recovery process.
  • Ice phishing – this type of clickjacking scheme tricks users into delegating the approval of the user’s coin to a bad actor. Often, attackers modify the smart contract UI by injecting a malicious script into it. 
  • Malicious emails, websites and messages – cloned websites, social media accounts, and fraudulent emails appear every day, tricking users by spreading fake news, and misleading them through fraudulent promos and campaigns.

What if a crypto wallet needs to be rescued? 

When a DeFi protocol or an individual wallet is being hacked, the attacker is keeping a close eye on it. This means that they see any activities you might undertake with the wallet. Also, if they understand they’ve been uncovered, they can then adjust their technology to make their attack even more effective.

But what if you have stakes or vested coins connected to this wallet and you want to transfer them? Wallet Rescue by Hackless then comes into play. Previously known as Conductor, Wallet Rescue already proved effective to some of our clients, having helped them to save around $700K in crypto. 

With Wallet Rescue, you’ll be able to safely migrate assets from the hacked wallet in a manner that is invisible to a hacker. This can be done via private mining capability in the following steps: 

  1. Create a bundle of transactions for private mining.
  2. Simulate these transactions to make sure everything will go smoothly. 
  3. Privately send a previously created, simulated, and signed bundle of transactions directly to miners via trusted providers. 
First and foremost – Hackless does not have any access to assets of the protocol’s users or their private keys. 

Wallet Rescue is a handy intuitive tool for any crypto investor to use by themselves. The app only receives signed transactions from users and protocol owners, then sends them for private mining to ensure the execution of the transactions within one block. But the ownership is all yours. 

Wallet Rescue soon to be available in beta

Our team is winding up with the Wallet Rescue web application, which will soon be available to early beta testers. And you can be one of them. All you need to do is to fill in a beta user form and we will get in touch with you once we’re live with the product. 

Lead image generated with stable diffusion. 

Leave a Reply