Key Ideas:
- According to PeckShield, the theft of $12 million may have been the result of a rug pull.
- From $95 million in February to roughly $13 million in recent weeks, the total amount of funds parked on Defrost Finance dropped to less than $93,000 on December 25.
- Defrost Finance was prepared to negotiate a refund of the monies with the perpetrators of the attack.
According to financial decentralization system Defrost Finance, a hack took place on December 23; however, blockchain security company Peckshield suggested that the incident may have been a fraud in which $12 million was stolen using "community intel."
Defrost v1 and Defrost v2 of the Avalanche blockchain-based decentralized leveraged trading platform Defrost Finance were both under investigation for hacking.
The Defrost team, in instance, asserted in a tweet thread that a first attack used a flash loan to steal money from its V2 product. The owner key was used to exploit V1 in a second, more significant attack. The Avalanche blockchain's leveraged trade protocol didn't indicate how much money had been taken.
1/4 The Defrost team has been working around the clock to find out more details concerning the events of the past 48 hours.
— Defrost Finance 🔺 (@Defrost_Finance) December 25, 2022
A thread ⬇️
Defrost Finance, on the other hand, said in a tweet that same day that it was willing to talk to the attackers about returning the money. It was difficult to get in touch with the business on Twitter because direct messages were turned off for the account.
An example of a rug pull is when creators build and finance a liquidity pool, only to take the money out after investors have bought the associated token. The entire amount of money frozen on Defrost Finance, which peaked at $95 million in February, has decreased to about $13 million in recent weeks, according to Defi Llama data. It was lowered to less than $93,000 yesterday.
DeFiYield claimed it examined Defrost Finance a year ago and discovered the smart contract issue that was used in the breach. DeFiYield offers a security layer for smart contracts with a cross-chain digital asset management platform to help investors avoid being defrauded or hacked.
⚡️ We have warned DeFi Community about the smart contract vulnerability @Defrost_Finance used to rug pull its users.
— DeFiYield 🛡️ Web 3 Security (@DefiyieldSec) December 25, 2022
1 year ago we performed an audit on Defrost.
Audit link: https://t.co/u2JBm7zAq8
Don't wanna get scammed in Crypto?
Follow DeFiYield Audits! 🚨 https://t.co/4Osx19KE0f pic.twitter.com/eIgx3rFn69
