Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
On December 23, Defrost Finance V2, the Avalanche ecological native stablecoin project, was attacked by a flash loan, and the hackers made a profit of $173,000. On December 25th, Defrost Finance V1 went wrong again, hackers managed to steal the owner’s key, the protocol was added with fake collateral tokens, and a malicious price oracle was used to liquidate current users, with losses estimated at more than $12 million. On December 27, the hackers who carried out the attack on Defrost Finance V1 have returned the stolen funds. Attack method (per SlowMist): Private Key Leakage. Reported loss: $ 12,173,000.
- chain
- avalanche
- protocol
- Defrost Finance
- bug_class
- private-key
- date_occurred
- 2022-12-25
- loss_usd
- $12,173,000
- source_id
- sm:defrost-finance::2022-12-25