DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss

Published at: Dec. 25, 2022

Defrost Finance, a decentralized leveraged trading platform on Avalanche blockchain, announced that both of its versions — Defrost V1 and Defrost V2 — are being investigated for a hack. The announcement came after investors reported losing their staked Defrost Finance (MELT) and Avalanche (AVAX) tokens from the MetaMask wallets.

Moments after a few users complained about the unusual loss of funds, Defrost Finance’s core team member Doran confirmed that Defrost V2 was hit with a flash loan attack. At the time, the platform believed that Defrost V1 was not impacted by the hack and decided to close down V2 for further investigation.

At the time, the platform believed Defrost V1 was not impacted by the hack and decided to close down V2 for further investigation.

Defrost Finance is sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds.The V1 is not affected. We will soon close the V2 UI and investigate further with our tech team.Updates will be posted on our official channels.

— Defrost Finance (@Defrost_Finance) December 24, 2022

Blockchain investigator PeckShield found that the hacker manipulated the share price of LSWUSDC, leading to a gain of roughly $173,000 for the hacker. Upon further analysis, PeckShield’s investigation revealed:

“Our analysis shows a fake collateral token is added and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M.”

While the company proactively announced the hack, the community suspects a rug-pull situation at play.

Defrost V1 was initially announced unaffected by the hack as the first version of Defrost lacked a flash loan function.

However, the platform later acknowledged an emergency for V1 as well, stating:

“Our team is currently investigating. We kindly ask the community to wait for updates and refrain from using either the V1 or V2 for the moment.”

Until further notice, investors are advised to stop using Defrost Finance. An internal team is currently investigating the situation and will reach out to users through official channels.

Defrost Finance has not yet responded to Cointelegraph’s request for comment.

Related: Raydium announces details of hack, proposes compensation for victims

In 2022, North Korean hackers stole crypto worth more than 800 billion Korean won ($620 million) from decentralized finance (DeFi) platforms alone.

A spokesperson from South Korea’s National Intelligence Service (NIS) revealed that all North Korean hacks were done through overseas DeFi exploits. However, with Know Your Customer (KYC) initiatives in place, the total number of North Korean hacks saw a significant reduction.

Tags
Related Posts
Poly Network hacker returns nearly all funds, refuses $500K white hat bounty
The hacker behind a $610 million attack on the cross-chain decentralized finance (DeFi) protocol Poly Network has returned almost all of the stolen funds amid the project saying their actions constituted “white hat behavior.” According to a Thursday update on the attack from Poly Network, all of the $610 million in funds taken in an exploit that used "a vulnerability between contract calls” have now been transferred to a multisig wallet controlled by the project and the hacker. The only remaining tokens are the roughly $33 million in Tether (USDT), which were frozen immediately following news of the attack. The …
Business / Aug. 12, 2021
Bent Finance confirms pool exploit, advises investors to withdraw funds
Staking and farming platform Bent Finance joins the list to become the sixth crypto establishment to get hacked in December. The acknowledgment of the attack was followed by requesting investors to withdraw their pool funds and disabling the reward claims on the compromised platform. Bent Finance first realized the exploit on Monday at roughly 8:55 PM EST, a timeline when the company reported no loss of funds. However, the community suspected a rug-pull event when blockchain investigator PeckShield allegedly located the source of the hack transactions. We have located the hack tx, which interestingly is sent from the Bent Finance: …
Blockchain / Dec. 21, 2021
The aftermath of Axie Infinity’s $650M Ronin Bridge hack
In late March, Ronin, an Ethereum sidechain built for the popular play-to-earn nonfungible token game Axie Infinity, was hacked for over 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) for a combined value of over $600 million. The breach on the Ronin bridge was confirmed by Sky Mavis, the developers behind the popular play-to-earn (P2E) game: There has been a security breach on the Ronin Network.https://t.co/ktAp9w5qpP — Ronin (@Ronin_Network) March 29, 2022 The official report from the company noted that the hackers managed to get access to private keys to validator nodes resulting in the compromise of five validator …
Blockchain / April 12, 2022
Binance and Huobi freeze $1.4M in crypto linked to North Korean hackers
Cryptocurrency exchanges Binance and Huobi have again frozen accounts linked to the $100 million Harmony Horizon bridge attack on Jun. 24, 2022. Around $1.4 million worth of crypto frozen by the trading platforms came from accounts linked to the notorious Lazarus Group operating out of North Korea. The investigation was carried out by blockchain analytics firm Elliptic, according to a report shared by the firm on Feb. 14. However, the firm didn’t state what coins or tokens were frozen. Exchanges @binance and @HuobiGlobal today froze accounts containing $1.4 million stolen by North Korea’s Lazarus Group. This was made possible thanks …
Blockchain / Feb. 15, 2023
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023