DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss

Must read

Cosmos co-founder says GovGen will show how governance can be used in blockchain development

Cosmos co-founder says GovGen will show how governance can be used in blockchain development Monika Ghosh · 4 hours ago ·...

Bitcoin network congestion eases as mempool clears in February

Bitcoin network congestion eases as mempool clears in February Andjela Radmilac · 7 hours ago · 2 min read ...

What is the role of spot Bitcoin ETFs in modern investment portfolios?

Aligned within a year of its three halving events, Bitcoin had three major bull runs in its 15-year history. After each one, in 2013,...

Why a trustless, multichain approach to web3 demands direct integration

Why a trustless, multichain approach to web3 demands direct integration Lomesh Dutta · 16 hours ago · 3 min read...

Moments after a few users complained about the unusual loss of funds, Defrost Finance’s core team member Doran confirmed that Defrost V2 was hit with a flash loan attack.

1327 Total views

16 Total shares

DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss

Ho-ho-ho! Get Limited Holiday Trait!

Collect this article as NFT

Defrost Finance, a decentralized leveraged trading platform on Avalanche blockchain, announced that both of its versions — Defrost v1 and Defrost v2 — are being investigated for a hack. The announcement came after investors reported losing their staked Defrost Finance (MELT) and Avalanche (AVAX) tokens from the MetaMask wallets.

Moments after a few users complained about the unusual loss of funds, Defrost Finance’s core team member Doran confirmed that Defrost v2 was hit with a flash loan attack. At the time, the platform believed that Defrost v1 was not impacted by the hack and decided to close down v2 for further investigation.

Core team member Doran confirming attack on Defrost Finance. Source: Telegram

At the time, the platform believed Defrost v1 was not impacted by the hack and decided to close down v2 for further investigation.

Defrost Finance is sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds.

The V1 is not affected. We will soon close the V2 UI and investigate further with our tech team.

Updates will be posted on our official channels.

— Defrost Finance (@Defrost_Finance) December 24, 2022

Blockchain investigator PeckShield found that the hacker manipulated the share price of LSWUSDC, leading to a gain of roughly $173,000 for the hacker. Upon further analysis, PeckShield’s investigation revealed:

“Our analysis shows a fake collateral token is added and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M.”

While the company proactively announced the hack, the community suspects a rug-pull situation at play.

Defrost v1 was initially announced unaffected by the hack as the first version of Defrost lacked a flash loan function.

Core team member Doran confirming attack both Defrost Finance versions. Source: Telegram

However, the platform later acknowledged an emergency for v1 as well, stating:

“Our team is currently investigating. We kindly ask the community to wait for updates and refrain from using either the V1 or V2 for the moment.”

Until further notice, investors are advised to stop using Defrost Finance. An internal team is currently investigating the situation and will reach out to users through official channels.

Defrost Finance has not yet responded to Cointelegraph’s request for comment.

Related: Raydium announces details of hack, proposes compensation for victims

In 2022, North Korean hackers stole crypto worth more than 800 billion Korean won ($620 million) from decentralized finance (DeFi) platforms alone.

A spokesperson from South Korea’s National Intelligence Service (NIS) revealed that all North Korean hacks were done through overseas DeFi exploits. However, with Know Your Customer (KYC) initiatives in place, the total number of North Korean hacks saw a significant reduction.

More articles

Latest article

Cosmos co-founder says GovGen will show how governance can be used in blockchain development

Cosmos co-founder says GovGen will show how governance can be used in blockchain development Monika Ghosh · 4 hours ago ·...

Bitcoin network congestion eases as mempool clears in February

Bitcoin network congestion eases as mempool clears in February Andjela Radmilac · 7 hours ago · 2 min read ...

What is the role of spot Bitcoin ETFs in modern investment portfolios?

Aligned within a year of its three halving events, Bitcoin had three major bull runs in its 15-year history. After each one, in 2013,...

Why a trustless, multichain approach to web3 demands direct integration

Why a trustless, multichain approach to web3 demands direct integration Lomesh Dutta · 16 hours ago · 3 min read...

US agencies pause Biden-sanctioned emergency miner survey following lawsuit

What is CryptoSlate Alpha?A web3 membership designed to empower you with cutting-edge insights and knowledge. Learn more ›Connect via Access ProtocolAccess Protocol is a...