Bitcoin Forum

Defrost finance claimed that their V2 smart contract was exploited, and that attacker used a flash loan to withdraw funds.

However, the V1 contracts had been hacked as well resulting in the $12M loss. The oracle address in the protocol’s collateral vaults was replaced with a malicious one, that triggered liquidations of collateralized user funds.

The creator of the multisig wallet, which has to approve the oracle replacement function before it executes, is the same address that requested the oracle replacements.

They are claiming that the wallet is compromised while they are using a multisig wallet which is impossible to be hacked.

Fun part was they they insured there company 1 month before this rug pull for an oracle failure. They are claiming that the hack is the result of an oracle failure and they are using it as an escape to this epic savage scam.


Source: https://happyblocklabs.com/v/The-MOST-EVIL-Crypto-SCAM-Boris-and-Bob-Rug-Pulled-19mln0

So they've been caught lying by different audit teams or investigators then the "hacker" suddenly returned the entire "stolen" funds in exchange of a promised 20% bounty.

Defiyield is asking good questions here,

They're now in the process of "refunding" hehe. They probably did so because they've been KYC'd by the insurance platforms they partnered with.

The report also says the same people founded another platforms that was supposedly "exploited" in 2021.

This Oracle manipulation resembles the attack that happened on Mango Market also where the attacker then returns the rest of the funds and some are kept as bounties for finding out the exploit. It's said that this is a common exploit of oracles, draining the user's funds.

This one, however, seems like the dev team is involved in scamming the users.