Hacks and exploits continue to plague the decentralized finance (DeFi) sector as another vanity wallet address joins the roster of DeFi victims, which, collectively, have lost more than $1.6 billion in 2022. In an alert published by blockchain security firm PeckShield, a hacker was detected after stealing 732 Ether (ETH), around $950,000, from an address created at the Ethereum vanity wallet address generator called Profanity. After draining the wallet, the exploiters sent the crypto to the recently sanctioned crypto mixer Tornado Cash. Vanity addresses are customized crypto wallet addresses that are generated to include words or specific characters chosen by the owner. However, as pointed out by recent exploits, the safety of vanity addresses remains questionable. Earlier in September, decentralized exchange (DEX) aggregator 1inch Network warned community members that their addresses were not safe if they we generated using Profanity. The DEX called out crypto holders with vanity addresses to transfer their assets immediately. According to 1inch, the vanity address generator used a random 32-bit vector to seed 256-bit private keys, which means that it lacks safety.
Full story : Almost $1M in crypto stolen from vanity address exploit.
