{"id":531227,"date":"2022-12-25T12:37:13","date_gmt":"2022-12-25T09:37:13","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/defi-flash-loan-hacker-liquidates-defrost-finance-users-causing-12m-loss\/"},"modified":"2022-12-25T12:37:13","modified_gmt":"2022-12-25T09:37:13","slug":"defi-flash-loan-hacker-liquidates-defrost-finance-users-causing-12m-loss","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/defi-flash-loan-hacker-liquidates-defrost-finance-users-causing-12m-loss\/","title":{"rendered":"# DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a32cb4d06c1b\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a32cb4d06c1b\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/defi-flash-loan-hacker-liquidates-defrost-finance-users-causing-12m-loss\/#%E2%80%9D_DeFi_flash_loan_hacker_liquidates_Defrost_Finance_users_causing_12M_loss_%E2%80%9C\" >&#8221; DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_DeFi_flash_loan_hacker_liquidates_Defrost_Finance_users_causing_12M_loss_%E2%80%9C\"><\/span>&#8221; DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-71d2d00b>Defrost Finance, a decentralized leveraged trading platform on Avalanche blockchain, announced that both of its versions \u2014 Defrost V1 and Defrost V2 \u2014 are being investigated for a hack. The announcement came after investors reported losing their staked Defrost Finance (MELT) and Avalanche (AVAX) tokens from the MetaMask wallets.<\/p>\n<p>Moments after a few users complained about the unusual loss of funds, Defrost Finance\u2019s core team member Doran confirmed that Defrost V2 was hit with a flash loan attack. At the time, the platform believed that Defrost V1 was not impacted by the hack and decided to close down V2 for further investigation. <\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-12\/0b4b0ffd-ab0b-4e36-89b2-e5a6e6ead8c3.png\"><figcaption style=\"text-align: center;\"><em>Core team member\u00a0Doran\u00a0confirming attack on Defrost Finance. Source: Telegram<\/em><\/figcaption><\/figure>\n<p>At the time, the platform believed Defrost V1 was not impacted by the hack and decided to close down V2 for further investigation. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Defrost Finance is sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds.<\/p>\n<p>The V1 is not affected. We will soon close the V2 UI and investigate further with our tech team.<\/p>\n<p>Updates will be posted on our official channels.<\/p>\n<p>\u2014 Defrost Finance  (@Defrost_Finance) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/Defrost_Finance\/status\/1606455304841236480?ref_src=twsrc%5Etfw\">December 24, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Blockchain investigator PeckShield found that the hacker manipulated the share price of LSWUSDC, leading to a gain of roughly $173,000 for the hacker. Upon further analysis, PeckShield\u2019s investigation revealed:<\/p>\n<blockquote><p>\u201cOur analysis shows a fake collateral token is added and a malicious price oracle is used to liquidate current users. The loss is estimated to be &gt;$12M.\u201d<\/p><\/blockquote>\n<p>While the company proactively announced the hack, the community suspects a rug-pull situation at play. <\/p>\n<p>Defrost V1 was initially announced unaffected by the hack as the first version of Defrost lacked a flash loan function. <\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-12\/558e22eb-d313-4cf5-94c7-a2680275da7e.png\"><figcaption style=\"text-align: center;\"><em>Core team member Doran confirming attack both Defrost Finance versions. Source: Telegram<\/em><\/figcaption><\/figure>\n<p>However, the platform later acknowledged an emergency for V1 as well, stating:<\/p>\n<blockquote><p>\u201cOur team is currently investigating. We kindly ask the community to wait for updates and refrain from using either the V1 or V2 for the moment.\u201d<\/p><\/blockquote>\n<p>Until further notice, investors are advised to stop using Defrost Finance. An internal team is currently investigating the situation and will reach out to users through official channels.<\/p>\n<p>Defrost Finance has not yet responded to Cointelegraph\u2019s request for comment. <\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Raydium announces details of hack, proposes compensation for victims<\/em><\/strong><\/p>\n<p>In 2022, North Korean hackers stole crypto worth more than 800 billion Korean won ($620 million) from decentralized finance (DeFi) platforms alone.<\/p>\n<p>A spokesperson from South Korea\u2019s National Intelligence Service (NIS) revealed that all North Korean hacks were done through overseas DeFi exploits. However, with Know Your Customer (KYC) initiatives in place, the total number of North Korean hacks saw a significant reduction.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"markets_outlook\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/defi-flash-loan-hacker-liquidates-defrost-finance-users-causing-12m-loss\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss &#8220; Defrost Finance, a decentralized leveraged trading platform on Avalanche blockchain, announced that both of its versions \u2014 Defrost V1 and Defrost V2 \u2014 are being investigated for a hack. The announcement came after investors reported losing their staked Defrost Finance (MELT) and&#8230;<\/p>\n","protected":false},"author":1,"featured_media":531228,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/cdn-cgi\/image\/format=auto,onerror=redirect,quality=90,width=1200\/https:\/\/s3.cointelegraph.com\/uploads\/2022-12\/142bc1a5-caba-4f4c-80b0-7a3d3ddccd09.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[120396,74868,122547,74882,117,70610,70944],"class_list":["post-531227","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-avalanche","tag-defi","tag-exp-attack","tag-hacks","tag-business","tag-finance","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/531227","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=531227"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/531227\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/531228"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=531227"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=531227"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=531227"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}