{"id":67327,"date":"2022-09-18T15:52:31","date_gmt":"2022-09-18T12:52:31","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=67327"},"modified":"2025-09-07T06:03:38","modified_gmt":"2025-09-07T03:03:38","slug":"hackers-stole-about-3-3-million-through-vulnerability-in-profanity-ethereum-address-generator","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hackers-stole-about-3-3-million-through-vulnerability-in-profanity-ethereum-address-generator\/","title":{"rendered":"Hackers stole about $3.3 million through vulnerability in Profanity Ethereum address generator"},"content":{"rendered":"<p>Hackers stole about $3.3 million in cryptocurrency from Ethereum users who generated addresses via the Profanity tool. Earlier, the 1inch Network team warned about the vulnerability.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Some rug pulls of 2022 could be actually \u201cprofanity\u201d exploits of their deployer wallets \ud83d\udc40 <a href=\"https:\/\/t.co\/vdwdMX0g2I\">https:\/\/t.co\/vdwdMX0g2I<\/a><\/p>\n<p>\u2014 Anton Bukov \ud83e\udd87\ud83d\udd0a \u2696\ufe0f (@k06a) <a href=\"https:\/\/twitter.com\/k06a\/status\/1571143422194642949?ref_src=twsrc%5Etfw\">September 17, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The Profanity tool allowed generating readable Ethereum addresses (vanity addresses) containing words, names or phrases. Development of the tool was abandoned several years ago, but wallets created with it still function today.<\/p>\n<p>On September 15, the 1inch <a href=\"https:\/\/u1f987.com\/en\/news\/uber-hack-europes-record-ddos-attack-and-other-cybersecurity-events\">team warned the community<\/a>, that the keys to such addresses could be brute-forced \u2014 a systematic enumeration of all possible character combinations. The service used a 32-bit vector to fill 256-bit private encoders.<\/p>\n<p>At the time, the developers said that the vulnerability could allow assets to be stolen &#8220;in the tens, if not hundreds of millions of dollars.&#8221; 1inch Network co-founder Anton Bukov noted that some of the rug pull schemes recorded in 2022 could be linked to it.<\/p>\n<p>The theft drew the attention of a researcher going by the handle ZachXBT. He also warned one of the users that the hackers had gained access to their wallet and helped save NFTs and tokens worth more than $1.2 million.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">Update: Earlier I noticed the 0x6ae attacker hadn\u2019t fully drained one of the wallets they interacted with.<\/p>\n<p>Am pleased to share I helped alert the owner saving their $1.2m+ worth of crypto &#038; NFTs (they\u2019ve since moved everything) <\/p>\n<p>0xDA0Da0Da0Da0a77740bB62c5c9D45423533d0CE2 <a href=\"https:\/\/t.co\/zP9LaovCv8\">pic.twitter.com\/zP9LaovCv8<\/a><\/p>\n<p>\u2014 ZachXBT (@zachxbt) <a href=\"https:\/\/twitter.com\/zachxbt\/status\/1570966826254995456?ref_src=twsrc%5Etfw\">September 17, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In September 2022, Ethereum developer Peter Szil\u00e1gyi described a vulnerability through which <a href=\"https:\/\/u1f987.com\/en\/news\/avalanche-vulnerability-could-have-caused-a-network-wide-outage\">the attacker<\/a> could take down the Avalanche network.<\/p>\n<p>Read ForkLog&#8217;s Bitcoin news in our <a href=\"\/\/telegram.me\/forklog\" target=\"\u201c_blank\u201d\" rel=\"\u201cnofollow\u201d noopener\">Telegram<\/a> \u2014 cryptocurrency news, prices and analysis.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers stole about $3.3 million in cryptocurrency from Ethereum users who generated addresses via the Profanity tool. Earlier, the 1inch Network team warned about the vulnerability.<\/p>\n","protected":false},"author":1,"featured_media":67328,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Hackers stole $3.3 million via Profanity vulnerability affecting Ethereum vanity addresses.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,1154],"class_list":["post-67327","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-crimes"],"aioseo_notices":[],"amp_enabled":true,"views":"26","promo_type":"1","layout_type":"1","short_excerpt":"Hackers stole $3.3 million via Profanity vulnerability affecting Ethereum vanity addresses.","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/67327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=67327"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/67327\/revisions"}],"predecessor-version":[{"id":67329,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/67327\/revisions\/67329"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/67328"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=67327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=67327"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=67327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}