Blockchain security firm BlockSec has dismissed conspiracy theories that the $160 million Wintermute hack was an inside job.
Earlier this week, cybercriminal James Edwards published a report suggesting that the Wintermute smart contract exploit may have been carried out by someone with inside knowledge of the company.
“The case against the Wintermute project is not as strong as the author has claimed,” BlockSec said in a tweet on Wednesday.
“Our analysis shows that the report is not convincing enough to condemn the Wintermute project.”
In Edwards’ original post, he drew attention to how the hacker was able to “wreak havoc on a contract that supposedly had admin access” on the exploited Wintermute smart contract, despite showing no evidence of lack of admin access during his analysis.
But BlockSec immediately rejected the claims, saying the report looked at the account’s current state in the mapping variable _setCommonAdmin, which is not a sound basis because the project could have taken steps to revoke the administrator’s privileges after discovering the attack.
Our brief analysis of the Wintermute project lawsuit: https://t.co/6Lw6FjUrLp @wintermute_t @evgenygaevoy @librehash @WuBlockchain @Bantg
Our analysis shows that the report is not convincing enough to blame the Wintermute project.
— BlockSec (@BlockSecTeam) September 27, 2022
The firm pointed to Etherscan transaction details, which showed that Wintermute had removed administrator privileges after discovering the hack.
Edwards questioned why $13 million worth of Tether (USDT) was transferred from Wintermute’s accounts on two or more different exchanges to its smart contract two minutes after the breach.
Having said that, BlockSec argues that this is not as suspicious as it seems.
“But, it’s not as convincing as it sounds. The attacker can monitor the activity of the transfer transactions to achieve his goal. From a technical point of view, it is not very strange. For example, there are some on-chain MEV-bots that continuously monitor transactions for profit.”
As noted in an earlier Cointelegraph article on the matter, Wintermute vehemently denied Edwards’ claims and insisted that his methodology was flawed.