Summary
Wintermute is a London-headquartered algorithmic trading firm and cryptocurrency market maker founded in 2017 by Evgeny Gaevoy. On September 20, 2022, the firm's DeFi operations were exploited for approximately $160 million after an attacker leveraged a known cryptographic vulnerability in the Profanity vanity address tool to compromise Wintermute's admin private key. The stolen funds were never recovered, though the firm remained solvent, repaid its outstanding DeFi loans, and has continued operating and expanding into U.S. markets.
Connected Entities
1 entity
Timeline (11 events)
2017-01-01
Wintermute founded in London by Evgeny Gaevoy, formerly of Optiver's European ETF desk.
2022-09-15
1inch Network publicly discloses a severe cryptographic vulnerability in Profanity, the Ethereum vanity address generator, recommending all users immediately transfer funds away from Profanity-generated addresses.
2022-09-15
Profanity vulnerability exploited by separate actors draining approximately $3.3 million from other wallets, establishing proof of exploitability before the Wintermute attack.
2022-09-20
Attacker uses the reconstructed private key of a Profanity-generated Wintermute admin wallet to drain approximately $160 million from Wintermute's DeFi vault across roughly 90 ERC-20 token types.
2022-09-20
CEO Evgeny Gaevoy publicly discloses the hack via Twitter, confirms solvency, and characterizes the incident as a potential white-hat event, offering the attacker a 10% bounty to return funds.
2022-09-20
Attacker routes approximately $114 million in stablecoins through Curve Finance 3pool to complicate asset freezes.
2022-09-27
Researcher 'Librehash' alleges via social media that the hack was an inside job based on alleged anomalous pre-hack transactions; Wintermute denies the allegation. BlockSec assesses the inside-job theory as unsubstantiated.
2022-10-14
Wintermute repays its $96 million TrueFi DeFi loan one day before deadline, demonstrating continued solvency following the hack.
2023-01-01
Stolen $160 million remains unrecovered; the 10% white-hat bounty offered to the attacker remains unclaimed. Wintermute resumes normal operations.
2025-02-01
Wintermute opens U.S. headquarters in New York City, expanding OTC and derivatives offerings.
2025-09-03
Wintermute submits formal feedback to the SEC Crypto Task Force, arguing network tokens should not be classified as securities.
Decision Log
- hash: 2dBNSyGvxMJTvMrQgAgzRNs6d1gr9AsU9sBd6czMwZtp
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:49 AM
last updated: 5/20/2026, 6:58:59 PM
avoid.net — verified advice for a post-truth world