Defrost Finance offers 20% payment to hackers as CertiK claims project is an 'Exit Scam'

On Dec. 26, blockchain security firm CertiK issued a warning alleging that Defrost Finance, a decentralized leveraged trading platform on the Avalanche Blockchain, is an "Exit Scam." In supporting the decision, CertiK wrote: 

"On 24 December we have seen an #exitscam on @Defrost_Finance. We have attempted to contact multiple members of the team but have had no response. The team are not KYC'd but we are using all the information that we do have to assist with authorities."

The prior day, Defrost Finance suffered a flash loan attack that drained protocol users of $12 million in assets. Immediately after the exploit, blockchain analytics firm PeckShield also issued a warning alleging that the operation was a "rugpull": 

"We received community intel warning the rugpull of @Defrost_Finance.Our analysis shows a fake collateral token is added and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M."

In a brief post-mortem analysis, project developers said that hackers also managed to steal the owner key for a much larger attack on its V1 protocol than the flash loan exploit. Defrost has since offered "sharing 20% (negotiable) of the funds in exchange for the bulk of assets and are calling on the hackers to contact us asap."

After posting an Ethereum (ETH) wallet address on its social page, close to $3 million worth of digital assets have been transferred there at the time of publication. It is unclear if such transactions were related to the stolen assets.

This is a developing story and will be updated accordingly.