Defrost Finance and Rubic Reportedly Get Exploited

The Crypto industry currently is going through hard times as it is pressurized by strict regulations, a prolonged downturn because of the bear market, as well as increasing exploits. These cases have been effective in decreasing the overall interest of the consumers in the industry. On the 25^th of December, the blockchain security firm called PeckShield reported a couple of such exploits.

Trending Now: Binance Will Endure any Crypto Bear Market, Says CZ

Defrost Finance and Rubic Exploited, Surprising the Community at the End of the Year

The blockchain security company mentioned that Defrost Finance (an ecological stablecoin program operating under Avalanche) and Rubic (a cross-chain aggregator) have witnessed exploits. The data provided by PeckShield shows Avalanche-based Defrost Finance was targeted by some bad actor that added bogus collateral tokens. The attacker additionally utilized wicked price oracles while targeting the liquidation of the present consumers.

As estimated by the blockchain security firm, Defrost Finance got deprived of more than US$12 million. PeckShield had formerly been informed by the community intel that some rug pull was to take place on Defrost Finance. While keeping this in view, the platform shared on its official Twitter channel that the fake collateral was entered into the protocol to carry out the whole process of exploitation.

The Defrost team is willing to negotiate with the hacker(s).

We are willing to discuss sharing 20% (negotiable) of the funds in exchange for the bulk of assets and are calling on the hackers to contact us asap.

— Defrost Finance ? (@Defrost_Finance) December 25, 2022

CertiK Reportedly Audited Both the Exploited Platforms

The cross-chain aggregating forum Rubic’s exploit drained almost $1.4 million worth of the company. Along with this, the aggregator’s 1,100 ETH tokens were transacted by the attacker to Tornado Cash (a crypto mixing platform that obfuscates the transferred crypto tokens’ transaction history). The official web portal of Rubic displays that Fairyproof and CertiK arranged their audit, as per PeckShield.

Just recently, it was noted by Wu Blockchain that CertiK conducted the audit of Defrost Finance in November previous year. Apart from that, it asserted that the audit of Rubic (another platform that is exploited on the same day) had also been organized by CertiK. At present no evidence has been provided that the blockchain security company responsible for auditing both the above-mentioned platforms has any involvement in the exploits.

While elaborating on the exploit of Rubic, PeckShield claimed that the cause of the exploit was that some USDC tokens were mistakenly added to the routers supported by the platform. The blockchain security firm also brought to the front that the lack of validation in the router named CallNative let the attacker take away the entirety of the funds possessed by the consumers who have authorizations to the RubicProxy.