Key Points:

  • Pecksheild said the exploit may have been a rug pull that made off with $12 million.

  • The total value of funds locked on Defrost Finance decreased from $95 million in February to about $13 million in recent weeks before dropping to less than $93,000 on December 25.

  • Defrost Finance was willing to negotiate with the people behind the attack for a return of the funds.

Financial decentralization protocol Defrost Finance claimed that a hack occurred on December 23, however, blockchain security firm Peckshield, using “community intel,” said that the attack may have been a scam in which $12 million was stolen.

On December 25, Coincu reported that both of the Avalanche blockchain-based decentralized leveraged trading platform Defrost Finance versions, Defrost v1 and Defrost v2, were under investigation for hacking.

In particular, the Defrost team claimed in a tweet thread published that a first assault utilized a flash loan to siphon money from its V2 product. A second larger attack used the owner key to exploit V1. The leveraged trade protocol on the Avalanche blockchain didn’t specify how much money had been stolen.

1/4 The Defrost team has been working around the clock to find out more details concerning the events of the past 48 hours.A thread

— Defrost Finance (@Defrost_Finance) December 25, 2022

As Coincu reported, PerkShield’s preliminary study revealed an exploit that could be used by manipulating the flash loan and deposit functions and was made possible by the absence of a reentrancy lock.

Defrost Finance, on the other hand, stated in a tweet on the same day that it is prepared to discuss a return of the money with the perpetrators of the assault. An effort to contact the company via Twitter was unsuccessful since direct messages were disabled on the account.

A rug pull can occur when developers construct and finance a liquidity pool, only to withdraw the cash after investors have purchased the corresponding token. According to Defi Llama statistics, the total worth of money frozen on Defrost Finance, which peaked at $95 million in February, has dropped to around $13 million in recent weeks. Yesterday, it was reduced to less than $93,000.

DeFiYield, which provides a security layer for smart contracts with a cross-chain digital asset management platform to help investors avoid being scammed or hacked, claimed it audited Defrost Finance a year ago and identified the smart contract flaw utilized in the breach.

We have warned DeFi Community about the smart contract vulnerability @Defrost_Finance used to rug pull its users.1 year ago we performed an audit on Defrost.Audit link: https://t.co/u2JBm7zAq8Don't wanna get scammed in Crypto?Follow DeFiYield Audits! https://t.co/4Osx19KE0f pic.twitter.com/eIgx3rFn69

— DeFiYield Web 3 Security (@DefiyieldSec) December 25, 2022

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Website: coincu.com

Thana

Coincu News