• Defrost Finance experienced a flash loan attack on December 23 which resulted in the potential loss of $12 million in assets.
• The team announced that a hacker returned the funds one day after the alleged hack.
• Defrost stated it was willing to discuss sharing 20% of the funds in exchange for the majority of assets and was urging the hackers to get in touch with them right away.
On December 23, decentralized leverage trading platform Defrost Finance was the target of an attack involving a flash loan. This malicious act resulted in the potential loss of $12 million in assets from their v1 and v2 protocols. In response, the Defrost team released a post-mortem study of the attack and announced that they were willing to share 20% of the stolen funds if the hackers provided the majority of the assets back.
The hackers were urged to contact the Defrost team right away, but the team was also prepared to analyze the data stored on-chain in order to determine who held the assets before the breach. This process of returning the assets to their rightful owners could have taken some time as every individual had varying amounts of assets and debt.
Fortunately, the team announced a day after the hack that the stolen funds have been returned to Defrost Finance. Affected users will be able to claim their assets back very soon. It is unclear if the hacker responded to the offer of sharing 20% of the funds or if the funds were returned due to another reason.
Regardless, Defrost Finance’s quick response to the attack is commendable. The team acted with urgency to investigate the incident and took the necessary steps to secure the stolen funds. This incident has raised some suspicions of a “rug pull” scam, which is a situation where the team behind the project pulls the rug out from under investors and absconds with their money. However, this is not the case with Defrost Finance as they have proven their commitment to transparency and customer satisfaction.