• Defrost Finance, a DeFi protocol built on the Avalanche blockchain, recently released a blog post revealing that the cybercriminal responsible for the Christmas Day hack which drained the project of around $12 million worth of crypto assets had returned all the funds.
• The update also showed that the wallet address now contains the returned assets which include $3 million worth of ETH tokens and 9.9 million DAI.
• The project remains mum as to the details of the recovery or return of the funds, failing to address some speculations that it might have paid a bounty to the cyber attacker.
It was a stunning turn of events that has left the entire blockchain community in shock – the cybercriminal responsible for the massive Christmas Day hack that drained the Defrost Finance protocol of around $12 million worth of crypto assets had returned all the funds. This was revealed in a recent blog post released by Defrost Finance, a DeFi protocol built on the Avalanche blockchain that offers leveraged trading.
The update from the team managing the decentralized finance venture contained some “good news” for users affected by the exploit. As a means of confirmation for the bizarre turn of events, Defrost Finance showed to the public the wallet address that now contains the returned assets which include $3 million worth of ETH tokens and 9.9 million DAI.
The project, however, remains mum as to the details of the recovery or return of the funds, failing to address some speculations that it might have paid a bounty to the cyber attacker. Reports indicate that the hack had occurred in two stages – first, the attacker used a flash loan attack to target and drain Defrost Finance’s V2 product of funds. Shortly after, a larger and more malicious cyber exploit followed, this time targeting the DeFi protocol’s V1 product with the use of an owner key.
The Defrost Finance team did not disclose how much was stolen from its coffers, but the total damage was estimated to be around $12 million worth of crypto assets. Fortunately, the cybercriminal responsible for the attack seemed to have had a change of heart and returned all the funds he siphoned off during the breach.
The news has since been welcomed by the entire blockchain community, with many praising the mysterious hacker for his “honorable” act. It’s still unclear as to why the cyber attacker decided to return the funds, but it’s thought that the public outcry and the attention the exploit got from the media might have played a role in his decision.
For its part, Defrost Finance has since implemented several security measures to ensure that such an attack never happens again, including additional measures to mitigate flash loan risks in its V2 product. It remains to be seen if these new protocols will be enough to prevent future exploits, but the team behind Defrost Finance is confident that its products are now safe and secure.