Just a few days back, Defrost Finance, one of the prominent trading platforms in the decentralized finance industry, faced a major exploit.
As a result of the exploit, the company ended up losing $12 million, which was a huge loss for the company. The exploit took place a few days prior to Christmas.
It has become a tradition that the exploits and hacks in the cryptocurrency industry rise just as the Christmas Holidays approach.
Multiple networks end up getting preyed on by hackers who may use the funds to spend on holidays and other kinds of entertainment. They do it throughout the Christmas and New Year periods.
Defrost Finance Suffered a $12 Million Exploit
Unfortunately, Defrost Finance ended up facing the exploit and the hackers were able to take off with $12 million worth of cryptocurrencies.
Defrost Finance had recently risen to fame for being a highly profitable and convenient decentralized finance trading platform.
As the network ended up facing the exploit, multiple speculations and claims out from the cryptocurrency and the Defrost Finance community.
Many claimed that it was not an exploit but a “rug pull”. This means that the developers take off with the customers’ funds once they reach the target they have set for funds.
The same kind of scam is known for being an “exit scam”. Similarly to the rug pull, the exit scam suggests that the developers ran away with people’s funds.
Exploited Took Place on December 23
It was on December 23 when the officials at Defrost Finance made an announcement about the exploit. They revealed that their protocol had suffered a flash loan attack.
As a result of the exploit, the hackers were able to drain a large number of funds from their v2 protocol.
Unfortunately, the exploits did not stop there for Defrost Finance, as the project ended up suffering from another hack.
This time, it was not the v2 protocol but the v1 protocol that the hackers were able to exploit. The hackers were able to steal the admin key, which resulted in an even larger exploit of the protocol.
After the teams had carried out their investigation and run through the figures, it was established that the hackers were able to steal $12 million worth of cryptocurrencies.
How did the Hackers Carry out the Exploit?
The teams have confirmed the way they carried out the exploit, it is confirmed that they did it by adding a token that was fake collateral.
By adding the fake token to the protocol, the hackers were able to steal the actual funds and liquidity that were on the protocol. The funds and the liquidity were provided by the users.
Therefore, it was the users that ended up facing the exploit while the network was not able to do anything to stop it.
Inside Job Claims by Several Specialized Firms
Since the exploit, not only the users impacted by the hack have made claims of an inside job.
But the specialized firms, in this case, the security firms based on blockchain networks have made a similar claim.
They have pointed out that they have a strong feeling that someone from the inside was involved in the hack.
It may be the entire team at Defrost Finance or an individual in particular, who aided the hackers in carrying out the exploit.
The firms have claimed that for the hackers to carry out the exploit, they would have needed an admin key. They would not be able to gain access to the admin key unless someone from the inside made it happen.
Denial from Defrost Finance
While the communities and the security firms have made their claims, Defrost Finance officials have completely denied such allegations.
The firm has claimed that yes, one of their admin keys was compromised but it does not mean it was given out. It simply does not equate to their network having undergone a rug pull.
The officials also urged the specialized firms not to pose such allegations at their firms. They have stated that such claims are only forcing the public to lose trust in their protocol and services.