Defrost Details Plans to Refund Hack Victims
In a medium update earlier today, DeFi protocol Defrost Finance shared its strategy to reimburse users who suffered in the recent exploit. The team behind the platform noted in a Twitter thread that they had recovered the stolen assets and were set to commence refunds.
The Refund Process
The blog post, titled “Details Concerning the Refunding Process” outlined the steps the platform will follow over the next few days. To begin with, the Defrost team will swap all ETH for stablecoins at the current on-chain market rate. Per the post, the most appealing option for this is MakerDAO’s DAI token.
Following the conversion, the next phase of the refund process is to move the stablecoins from Ethereum to the Avalanche ecosystem. Defrost will then begin reviewing on-chain records from before the hack in order to match assets to holders. Once the team has completed the survey it will make the information in question available for public view.
Next, the team will move forward with the last step in the reimbursement strategy. They will deploy the refunding smart contract which will give rightful owners the ability to reclaim their assets. Of course, they will receive the funds in stablecoins and into their original digital asset wallets.
KYC & Audit Solutions!
SolidProof
A Recap of the Defrost Hack
The Defrost exploit took place on the 23rd of December and saw the leverage trading platform record losses scaling $12M.
Defrost customers initially called attention to the hack as they voiced complaints regarding an irregular loss of funds. Indeed, users claimed that their staked assets such as Defrost Finance and Avalanche AVAX coins had somehow exited their wallets.
Defrost responded to the complaints via a Twitter post saying that the platform’s V2 product was facing a flash loan attack. The team stated that they had shut down the V2 to look into the exploit. They clarified that the Defrost V1 was still secure as this version of the protocol does not have a flash loan option.
Speculations of a Rug Pull
The team’s verdict regarding V1’s safety turned out to be wrong. Another even bigger hack followed which saw the perpetrator breach V1 this time using the owner’s key. As the incident unraveled, reports continued to circulate that the hack may in fact have been an inside job, considering the owner’s key was compromised.
Blockchain security company CertiK tagged the exploit an “exit scam” noting that they had unsuccessfully tried to contact the team. PeckShield also described the hack as a rug pull as it sent out a warning to the broader crypto community. Shortly after this, the Defrost team released a post saying the hacker involved in the V1 exploit had returned the loot.
Comments
Post a Comment