After Defrost Finance users complained about the loss of funds, the DEX confirmed that Defrost V2 was the victim of a flash loan attack.
On December 24, 2022, DeFi platform Defrost Finance, built on the Avalanche blockchain, suffered a hack, with an attacker using a flash loan function to withdraw funds.
The announcement was made on the official Twitter account. The team advises everyone to refrain from using the platform until they resolve the issue.
Defrost Finance is sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds.
The V1 is not affected. We will soon close the V2 UI and investigate further with our tech team.
The first hacking signal was that investors reported that they had lost their stakes in Defrost Finance, as well as Avalanche coins from the MetaMask wallets.
At first, the team announced that Defrost Financeās V1 was not affected by the hack.
After confirming the attack, PeckShield, a blockchain security company, discovered that the hacker had manipulated the price of LSWUSDC (Lending Switch USD Coin). The profit generated from the hack was approximately of $173,000.Ā
“Our analysis shows a fake collateral token is added, and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M,ā according to PeckShield.
The community was suspicious of the activities of the DEX, although they had announced the hack as soon as it was noticed.
Shortly after, it was announced that V1 of the DEX was also affected by the hack, although it was initially announced that it was not affected. Since V1 lacked the flash loan functionality, the team believed that V1 couldnāt have been affected. At this moment, they asked all users to stop using both V1 and V2.
The Defrost team continued their on-chain investigation, on Dec 25. After publicly asking the hacker or hackers to return the funds stolen during the attack, the team also proposed a 20% (negotiable) fee of the total amount of $12.Ā
According to the team, they have been working round the clock, on Christmas day, to try and solve the crisis and return the funds. Eventually, on Dec 26, the team announced that the funds stolen from V1 have been returned. However, no other explanation was given.
Defrost Finance announced it would refund affected users
According to Defrost Finance, the platform managed to recover the funds from the V1 flash loan exploit and plans to return them to their rightful owners.Ā
On Dec 27, Defrost posted on Medium that it would soon refund the stolen assets. The recovered funds are in an ETH wallet, will be converted to a stablecoin, and then transferred to Avalanche. The users will be able to recover their funds through a specific smart contract.
Users are still waiting for further news.
Other DeFi protocols that suffered losses recently are Raydium (Solana blockchain) – $2 million, and Ankr (Ethereum blockchain) – $5 million.
Is Defrost Finance a scam?
On Dec 24, PeckShield, a blockchain analytics company, issued a warning to its community. They described Defrost Finance project as a “rug pull” with losses estimated at around $12 million.
On Dec 26, CertiK, a blockchain security company, posted an alert about Defrost Finance. It stated that they tried to reach the team but did not receive any response. They described the exploit as an “exit-scam,” which implies that the DeFi platform might have stolen user funds.Ā
A malicious Google Tag Manager (GTM) website code allowed a hacker to steal $265,000 of usersā funds. The hack was targeting whalesā wallets.Ā
On September 1st, 8:24 PM UTC, KyberSwap discovered a bug in its website code which allowed hackers to steal approximately $265,000.
According to the DeFi platform, two “whale” addresses were apparently affected by the attack. KyberSwap announced its intention to all affected users. Kyber claimed it discovered the exploit that allowed hackers to insert fake approvals, allowing them to transfer funds to an address. The attack was detected on Sept. 1, and the threat was “neutralized” within two hours.
What happened to KyperSwap?
KyberSwap was the victim of a website exploit. On Sept 1st,Ā 8:24 PM UTC, they discovered a suspicious element on their front end. In order to further investigate the issue, they decided to shut down the website while the smart contracts and everything related to the blockchain were not disturbed. The issue was a malicious Google Tag Manager (GTM), which allied the attacker to steal usersā funds.Ā
1/ āļøNotice of Exploit of KyberSwap Frontend:
We identified and neutralized an exploit on the KyberSwap frontend. Affected users will be compensated. We have summarized the details in this threadā¬ļø
It seems that the Google Tag Manager was designed to specifically target whale wallets to grant the attacker access to larger funds. After the code was eliminated, the KyberSwap UI was restored and made available for users. The UI was unavailable for just over two hours. Meanwhile, the malicious code was eliminated from the KyberSwap UI, and the hackerās wallet was identified.Ā
The KyberSwap announced to its users about the recent bug on the platformās Twitter account and urged other DeFi protocols to inspect their frontend code to prevent similar attacks.
This decentralized exchange allows users to trade currencies across different blockchains. The blockchain contracts of KyberSwap were not affected. They have also identified the affected addresses.Ā
1/ āļøNotice of Exploit of KyberSwap Frontend:
We identified and neutralized an exploit on the KyberSwap frontend. Affected users will be compensated. We have summarized the details in this threadā¬ļø
Kyber tweeted, “We have compiled a complete list of confirmed and suspected attacker addresses used during this period, including tracking interactions with centralized exchanges and OpenSea.”
While this attack ranks amongst the lowest losses suffered by the DeFi projects, these thefts add up to millions of dollars that have disappeared from users’ funds. It also makes it very clear to anyone paying attention that DeFi platforms have penetrable UIs that can be exploited by creative hackers.
KyberSwap is not safe to use, although users are advised to exert caution when doing so.
A complete list of the confirmed and suspected attackersā addresses have been made public on their blog. Thereās also a complete list of the addresses of the smart contracts related to using KyberSwap. Additional info about the incident can be found in the same blog – Notice of Exploit of KyberSwap Frontend.
Will KyberSwap retrieve the stolen funds?
Blockchain transactions are irreversible, and KyberSwap might not be able to get the funds back, even if they have traced the wallets. The only way to get the stolen funds back is if the hackers decide to transfer them back.
For that reason, the Kyber protocol has urged the attacker to send the funds back. Not only that, but they are offering a bug bounty of 15% from the stolen funds.
Hereās the message for the KyberSwap hacker:
āHello attacker. We know the addresses you own have received funds from central exchanges, and we can track you down from there. We also know the addresses you own have OpenSea profiles and we can track you through the NFT communities or directly through OpenSea. As the doors of exchanges close upon you, you will not be able to cash out without revealing yourself. As a bug bounty, we are offering you 15% of the funds if you return it and have a conversation with our team. To confirm, send the funds to the following Polygon address: 0x2dc0ba6ba3485edd61f17ffabf4c7a9626001d50ā
According to a report, the on-chain for DeFi apps has slowed down, but the industry has managed to retain most of its daily active users.
CoinGecko published a report for Q2 2022 that reveals the market trends and analysis for decentralized finance (DeFi). The most unexpected statistic is that the DeFi market experienced a 74.6% decline in Q2, but the user activity has remained relatively robust.
Cryptocurrency market chances in Q2 2022 (statistics)
Top 30 cryptos market capitalization decreased by 55.9%, losing over half its value and falling below $1 trillion.
The top 15 stablecoins lost almost a fifth of their market cap, -18.3% or -$33.9B
The top 30 crypto market cap correlation with the S&P500 was 0.92 (thatās a high correlation).
Bitcoinās hash rate decreased by 1.7%
+17.82% of total ETH Staked in Q2 2022. (Almost 13 million ETH was staked, representing roughly 11% of the total ETH supply).
There was a 34.5% decrease in average daily DeFi Users compared to 1st April 2022
The NFT trading volume decreased by 26% from Q1 to Q2 2022
DeFi market in Q2 2022
The CoinGecko report states that the total DeFi market cap dropped from $142 million (in Q1) to $36 million (in Q2). This was primarily due to the collapse of Terraās stablecoin UST in May 2022.
Another worrying statistic is the increase in DeFi exploits, which has contributed significantly to this fall. Some of the most notable hacking events involved Inverse Finance and Rari, and the lost funds accumulated up to $1.2 million and $11,000,000, respectively. These attacks affected the token pricesā tremendously, and investors have also lost confidence in these protocols.Ā
But itās not all doom and gloom in the DeFi space. Although on-chain activity has slowed, the DeFi industry still retains most of its active users daily.
The DeFi daily active users decreased by only 34.5%, from 50,000 to 35,000 in Q2. There were also numerous instances that led to an increase in DeFi activity.
After Terra’s collapse, there was a spike in usersā on-chain activity. Of course, that could be explained by users who used Curve Finance or Uniswap to sell Terra (LUNA and USTC).
The second spike was seen in June when Celsius, a crypto lending platform, imposed withdrawal restrictions due to financial difficulties. Celsius filed for bankruptcy on July 12.
The usersā behavior is normal in both f these cases, as they were trying to escape the dramatic consequences of these protocols.
Whatās happening to NFTs?
Also, the report found that the trading volume for nonfungible tokens (NFTs) decreased by 26.2.% reaching $7.6 billion since the same time last year.
In June 2022, the NFT trading volumes reached $830 million. This coincided with the collapse of the floor prices of NFTs.
For the first time ever, we also witness a change in the NFT marketplacesā arena.
OpenSea maintained its grip on the top spot, despite being in decline. In May and June, however, Magic Eden, X2Y2, seemed to have caught up and took turns to surpass OpenSeaās daily and weekly volumes.
Despite having a more advantageous fee structure, LooksRare & X2Y2 are still behind OpenSea. However, they are slowly gaining ground.
NFT trends in Q2 2022
It looks like the Play-to-Earn (P2E) games are gaining more popularity, and we can see it in the NFT trends.Ā
Some of the most traded in-game NFT assets are Stepnās shoes (move to earn game), GoblinTown, and Art Blocks.
Itās also important to note that Solana has been reducing Ethereum’s NFT share. It will be interesting to see if this momentum can last long-term.
Some of the rising NFT projects on Solana include OkayBears, Trippinā Ape Tribe, and DeGods.Ā
