1 year ago
Moments aft a fewer users complained astir the antithetic nonaccomplishment of funds, Defrost Finance’s halfway squad subordinate Doran confirmed that Defrost V2 was deed with a flash indebtedness attack.
Ho-ho-ho! Get Limited Holiday Trait!
Collect this nonfiction arsenic NFT
Defrost Finance, a decentralized leveraged trading level connected Avalanche blockchain, announced that some of its versions — Defrost V1 and Defrost V2 — are being investigated for a hack. The announcement came aft investors reported losing their staked Defrost Finance (MELT) and Avalanche (AVAX) tokens from the MetaMask wallets.
Moments aft a fewer users complained astir the antithetic nonaccomplishment of funds, Defrost Finance’s halfway squad subordinate Doran confirmed that Defrost V2 was deed with a flash indebtedness attack. At the time, the level believed that Defrost V1 was not impacted by the hack and decided to adjacent down V2 for further investigation.
Core squad member Doran confirming onslaught connected Defrost Finance. Source: TelegramAt the time, the level believed Defrost V1 was not impacted by the hack and decided to adjacent down V2 for further investigation.
Defrost Finance is bittersweet to denote that our V2 has suffered a hack, with an attacker utilizing a flash indebtedness relation to retreat funds.
The V1 is not affected. We volition soon adjacent the V2 UI and analyse further with our tech team.
Updates volition beryllium posted connected our authoritative channels.
Blockchain researcher PeckShield recovered that the hacker manipulated the stock terms of LSWUSDC, starring to a summation of astir $173,000 for the hacker. Upon further analysis, PeckShield’s probe revealed:
“Our investigation shows a fake collateral token is added and a malicious terms oracle is utilized to liquidate existent users. The nonaccomplishment is estimated to beryllium >$12M.”While the institution proactively announced the hack, the assemblage suspects a rug-pull situation astatine play.
Defrost V1 was initially announced unaffected by the hack arsenic the archetypal mentation of Defrost lacked a flash indebtedness function.
Core squad subordinate Doran confirming onslaught some Defrost Finance versions. Source: TelegramHowever, the level aboriginal acknowledged an exigency for V1 arsenic well, stating:
“Our squad is presently investigating. We kindly inquire the assemblage to hold for updates and refrain from utilizing either the V1 oregon V2 for the moment.”Until further notice, investors are advised to halt utilizing Defrost Finance. An interior squad is presently investigating the concern and volition scope retired to users done authoritative channels.
Defrost Finance has not yet responded to Cointelegraph’s petition for comment.
Related: Raydium announces details of hack, proposes compensation for victims
In 2022, North Korean hackers stole crypto worthy much than 800 cardinal Korean won ($620 million) from decentralized concern (DeFi) platforms alone.
A spokesperson from South Korea’s National Intelligence Service (NIS) revealed that each North Korean hacks were done done overseas DeFi exploits. However, with Know Your Customer (KYC) initiatives successful place, the total fig of North Korean hacks saw a important reduction.
English (US) 