Defrost hacker returns stolen funds: Is there an exit scam to watch out for
- The hacker responsible for the $12 million hack on Defrost Finance returned the exploited funds
- The DEX will soon launch a smart contract to refund all the affected users
In an interesting turn of events, the perpetrator behind the attack on Avalanche’s Defrost Finance returned the funds he siphoned off the decentralized exchange. The surprising return came a day after the initial flash loan attack that took place on 25 December. The hack had led to a loss of more than $12 million.
The return of the funds…
According to a blog post by Defrost Finance, the hacker behind the hack on V1 returned all the funds that had been exploited. The DEX shared a wallet address that contained the funds returned by the hacker. At the time of writing, the address had close to $3 million worth of ETH and 9.9 million DAI.
The latest update by Defrost Finance revealed that the team will start refunding the users who were affected by the hack. The next few days will see the ETH returned by the hacker converted into stablecoins, preferable DAI. These stablecoins will then be crossed from Ethereum to Avalanche.
Following an on-chain scan to determine rightful ownership of the stolen crypto, a refunding smart contract will be deployed.
“Rightful users will be able to claim their assets back in stablecoins to the same addresses.” the Defrost team stated.
Allegations of an exit scam
The hours following the hack saw multiple allegations of a rug pull or a similar malicious action. On-chain intelligence firm PeckShield cited “community intel” while warning that the hack on the DEX was a rug pull.
We received community intel warning the rugpull of @Defrost_Finance. Our analysis shows a fake collateral token is added and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M. https://t.co/70iu38OYh7 pic.twitter.com/rSKklgV71I
— PeckShield Inc. (@peckshield) December 24, 2022
Blockchain security firm CertiK also took to Twitter and revealed that multiple attempts to contact the Defrost Finance team had proven futile. This led to the firm alleging that the hack was an “exit scam”. This meant that the developers disappearing with investors’ funds following investment into their project.
Prior to the return of funds, the Defrost team had offered the perpetrator up to 20% of the funds in exchange for the bulk of the exploited assets.
The Defrost team is willing to negotiate with the hacker(s).
We are willing to discuss sharing 20% (negotiable) of the funds in exchange for the bulk of assets and are calling on the hackers to contact us asap.
— Defrost Finance ? (@Defrost_Finance) December 25, 2022