A DeFi-focused altcoin project denies making rug pulls despite the allegations. The community complains about the resulting transfer transactions. Here are the details…
$12 million rug pull claim for this altcoin
The team behind Avalanche-based DeFi platform Defrost Finance denies last week’s rug pull claims. The team ignored the scammers after $12 million was withdrawn from the smart contract. Blockchain security firm DeFiYieldSec claimed last week that the blatant exploit was from the inside. He said that the wallet creator of the latest Defrost Finance is the same address that requested the oracle’s replacement before the exploit took place. Defrost Finance denied these claims, calling them “slanderous and false”. Meanwhile, the local token MELT price dropped sharply across the weekly chart:
A Defrost Finance spokesperson reported that the first of the two attacks targeted the V2 contract with a “flash loan” exploit. The second, much larger attack took place on Christmas Eve. Speaking to the project team, he says the following about the allegations:
With another hacker or hacker, he “captured [managed] the private key and used it to add a bogus collateral token and price oracle, then minted 100 million H20 tokens … the hacker then manipulated the vaults’ oracles and depleted the funds available vaults”. liquidated.
Oracle hacking attacks are spreading
Exploits involving price oracles have become more common this year, when an oracle affiliated with Mango Markets was manipulated in October by crypto investor Avraham Eisenberg, who was arrested for hacking in Puerto Rico last week. As Kriptokoin.com, we have included a recent hacking event in this article.
The Mango Markets exploit resulted in a loss of $114 million. However, Eisenberg is returning $67 million shortly after the attack took place. Defrost Finance claims to have recovered all funds Monday after offering the hacker a bounty. The Defrost Finance team, the group also behind the failed DeFi protocol Phoenix Finance, said it was “very optimistic” that all users who lost tokens would be reimbursed.
DeFiYield Security report
The platform recently prepared a report on the Defrost Finance event. According to the report, on December 24, Defrost Finance first tweeted:
Defrost says V2 smart contracts are being abused. He also claimed that the attacker used a flash loan to withdraw money. However, V1 contracts were also hacked, resulting in $12 million in losses. The oracle address in the protocol’s collateral vaults has been replaced with a malicious address. This triggered the liquidation of user funds.
