It was expected that the hack, which some onlookers had called a “rug pull,” had brought in $12 million.
The hacker in the larger V1 assault, according to Defrost Finance, who revealed on Sunday that its V1 and V2 products had been compromised, has refunded the monies.
“In order to return items to their rightful owners, we will soon begin scanning the data on-chain to determine who had them before the breach. This process might take a little bit of time because different users have varying ratios of assets and debt “According to a blog post that was referenced on the decentralized-finance protocol’s website.
The team claimed in a tweet thread on Sunday that a first attack used a flash loan to siphon money from its V2 product. The owner key was used to exploit V1 in a second, more significant attack. The leveraged trade protocol on the Avalanche blockchain didn’t specify how much money had been taken.
At the time, the blockchain security company Peckshield said, citing “community knowledge,” that the exploit might have been a scam that stole $12 million. Earlier on Monday, the security firm Certik, which also claimed to have been unable to reach the team, uploaded a graphic indicating that it was treating Defrost as an exit scam. The Twitter account for Defrost is not set up to receive private messages.
When developers construct and set up a liquidity pool and then take the money out and vanish after investors have purchased the associated token, this is known as a rug pull, or exit scam. Usually, the group responsible for the scheme disappears and cannot be reached. Defrost Finance, on the other hand, tweeted about the incident and stated that it was ready to talk with the perpetrators for a recovery of the money.