3 months ago 2 min read

Hacking of Defrost Finance to Rug Pull Users


Key Ideas:

  • According to PeckShield, the theft of $12 million may have been the result of a rug pull.
  • From $95 million in February to roughly $13 million in recent weeks, the total amount of funds parked on Defrost Finance dropped to less than $93,000 on December 25.
  • Defrost Finance was prepared to negotiate a refund of the monies with the perpetrators of the attack.

According to financial decentralization system Defrost Finance, a hack took place on December 23; however, blockchain security company Peckshield suggested that the incident may have been a fraud in which $12 million was stolen using "community intel."

Defrost v1 and Defrost v2 of the Avalanche blockchain-based decentralized leveraged trading platform Defrost Finance were both under investigation for hacking.

The Defrost team, in instance, asserted in a tweet thread that a first attack used a flash loan to steal money from its V2 product. The owner key was used to exploit V1 in a second, more significant attack. The Avalanche blockchain's leveraged trade protocol didn't indicate how much money had been taken.

Defrost Finance, on the other hand, said in a tweet that same day that it was willing to talk to the attackers about returning the money. It was difficult to get in touch with the business on Twitter because direct messages were turned off for the account.

An example of a rug pull is when creators build and finance a liquidity pool, only to take the money out after investors have bought the associated token. The entire amount of money frozen on Defrost Finance, which peaked at $95 million in February, has decreased to about $13 million in recent weeks, according to Defi Llama data. It was lowered to less than $93,000 yesterday.

DeFiYield claimed it examined Defrost Finance a year ago and discovered the smart contract issue that was used in the breach. DeFiYield offers a security layer for smart contracts with a cross-chain digital asset management platform to help investors avoid being defrauded or hacked.

See related article here.

Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to Coin Aquarium.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.