Key Points:

• Claims that Defrost Finance canceled the project after $12 million was stolen from the smart contract last week have been refuted by the company.
• According to a Defrost Finance spokesman, the first of two attacks used a “flash-loan re-entrancy” exploit to target the V2 contract.
• Defrost Finance has also carefully planned to be able to refund users. The team also publishes information related to the exploit and constantly updates it, unlike some other platforms that just stay silent after such incidents take place.

After $12 million was stolen from the smart contract last week, Defrost Finance, an Avalanche blockchain-based DeFi platform, disputed allegations relating to the rug pull.

This week, the blockchain security company DeFiYieldSec claimed that the alleged exploit was an inside job. It asserted that the address that created Defrost Finance‘s multi-sig wallet also asked for the oracle to be changed prior to the alleged exploit.

According to a Defrost Finance spokesman who talked to CoinDesk, the first of two attacks used a “flash-loan re-entrancy” exploit to target the V2 contract.

The second, much more significant attack took place on Christmas Eve, according to the spokesman. This time, the hacker or hackers were successful in stealing the private key, using it to add a false collateral token and price oracle before printing 100 million H20 tokens. The hacker then used the existing vaults’ oracles to his advantage to drain money from them.

Following the offering of a reward to the hacker on Monday, Defrost Finance claimed to have recovered all of the funds.

Besides, Defrost has also carefully planned to be able to refund users. The team also publishes information related to the exploit and constantly updates it, unlike some other platforms that stay silent after such incidents take place.

On December 25, Defrost Finance said that both of its versions, Defrost v1 and Defrost v2, are under investigation for hacking. In particular, the Defrost team claimed in a tweet thread published that a first assault utilized a flash loan to siphon money from its V2 product. A second larger attack used the owner key to exploit V1. The leveraged trade protocol on the Avalanche blockchain didn’t specify how much money had been stolen.

After the incident, a lot of accusations were made that this was a rug-pull scheme.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Website: coincu.com

Harold

Coincu News

Avalanche

DeFiYieldSec

Defrost Finance

rug pull

Author

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.

Related Posts

• BNB Chain Meme Innovation Battle Offers $1 Million Reward To Attract Devs

DeFi

Defrost Finance Smashes Rug Pull Rumors After Losing $12 Million Exploit

Key Points:

• Claims that Defrost Finance canceled the project after $12 million was stolen from the smart contract last week have been refuted by the company.
• According to a Defrost Finance spokesman, the first of two attacks used a “flash-loan re-entrancy” exploit to target the V2 contract.
• Defrost Finance has also carefully planned to be able to refund users. The team also publishes information related to the exploit and constantly updates it, unlike some other platforms that just stay silent after such incidents take place.

After $12 million was stolen from the smart contract last week, Defrost Finance, an Avalanche blockchain-based DeFi platform, disputed allegations relating to the rug pull.

This week, the blockchain security company DeFiYieldSec claimed that the alleged exploit was an inside job. It asserted that the address that created Defrost Finance‘s multi-sig wallet also asked for the oracle to be changed prior to the alleged exploit.

According to a Defrost Finance spokesman who talked to CoinDesk, the first of two attacks used a “flash-loan re-entrancy” exploit to target the V2 contract.

The second, much more significant attack took place on Christmas Eve, according to the spokesman. This time, the hacker or hackers were successful in stealing the private key, using it to add a false collateral token and price oracle before printing 100 million H20 tokens. The hacker then used the existing vaults’ oracles to his advantage to drain money from them.

Following the offering of a reward to the hacker on Monday, Defrost Finance claimed to have recovered all of the funds.

1/4#Defrost has managed to recover all funds taken during the the V1 hack.

This is how we will refund the investors.

A thread ????

— Defrost Finance ???? (@Defrost_Finance) December 27, 2022

Besides, Defrost has also carefully planned to be able to refund users. The team also publishes information related to the exploit and constantly updates it, unlike some other platforms that stay silent after such incidents take place.

Refund update ????

✅ By yesterday, our tech team had scanned 50% of the addresses affected by the hack, including all those in the vault

✅ As of now, nearly all addresses have been covered

✅ We are crosschecking the data in preparation for the release of the refund plan

— Defrost Finance ???? (@Defrost_Finance) December 30, 2022

On December 25, Defrost Finance said that both of its versions, Defrost v1 and Defrost v2, are under investigation for hacking. In particular, the Defrost team claimed in a tweet thread published that a first assault utilized a flash loan to siphon money from its V2 product. A second larger attack used the owner key to exploit V1. The leveraged trade protocol on the Avalanche blockchain didn’t specify how much money had been stolen.

After the incident, a lot of accusations were made that this was a rug-pull scheme.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Website: coincu.com

Harold

Coincu News

Visited 55 times, 1 visit(s) today

Other Posts

Related Posts

Knowledge

- 51 days ago 13 mins

Free Bitcoin Code 2024: Easy Way To Own Bitcoin

News

- 7 hours ago 2 mins

Franklin Ethereum ETF Is Listed On DTCC, Although Not Approved Yet

Knowledge

- 105 days ago 12 mins

Fiat To Fiat Converter: Detailed Guide For Beginners And Important Notes

News

- 8 hours ago 2 mins

Yuga Labs Restruction Now Underway To Focus On Otherside And Web3

Knowledge

- 6 days ago 12 mins

Bitcoin Mining: How Long Does It Take to Mine 1 Bitcoin?

News

- 7 hours ago 2 mins

Crypto ETF Collateral On DTCC Cut By 100% In Evaluated Market Price

Knowledge

- 105 days ago 12 mins

Crypto To Crypto Converter: Detailed Guide For Beginners And Important Notes

News

- 7 hours ago 2 mins

Crypto ETFs Face Zero Collateral Value For Loans: Higher Risk For Investors?