Hacker activity increased over Christmas Eve and the Christmas holiday. Attackers compromised the decentralized trading platform Defrost Finance and the crypto exchange Rubic and hacked BitKeep Wallet. The total amount of stolen funds is estimated at ~$16.5 million.

Hackers Stole Over $16 Million on Christmas Day

The Christmas holiday showed a high level of hacker activity. Over the weekend, hackers broke into at least two marketplaces and a crypto storage app. Let’s look at everything in order.

Defrost Finance Lost ~$12 Million

On December 24, Christmas Eve, attackers hacked Defrost Finance, an Avalanche-based crypto trading platform. Users initially reported the loss of coins they had staked through the site. Later, the project team also confirmed the hack on Twitter.

The attackers managed to hack the platform’s V2 protocol and take advantage of a flash loan function. Using a malicious price oracle, the hackers added a fake collateral token LSW, with which they could obtain and withdraw a credit of 173,000 USDC.

At first, the project team assured users that the V1 protocol was fully operational, but a few hours later, they reported that money had also been stolen from it. In total, the hackers withdrew over $12 million.

The community strongly criticized the developers, suspecting a Rug Pull scheme. The point is that the V1 protocol doesn't have a flash loan feature, and this innovation was both the main trigger for the popularization of V2 and, afterward, the key hacking tool.

The project team asked investors to stop using both versions of Defrost Finance until internal investigations were completed. 

BitKeep Wallet Users Lost ~$3 Million

The BitKeep multi-chain wallet also suffered an attack over the holiday weekend. The project team reported in its official Telegram group that hackers added code to the Android Package Kit (APK) file used to update the app, which gave them access to user funds. The update was sent out to users, and those who didn't check its source lost the assets stored in their wallets.

According to blockchain analysts at Beosin, the hackers thus withdrew more than $3 million in BNB Chain tokens alone. Moreover, the hacker’s wallet now contains over 2.9 million USDT, ~166,000 DAI, and a bit more than 2,000 BNB. 

It’s worth noting that the BitKeep Wallet app was already hacked not so long ago. In October, attackers exploited a swap feature vulnerability in the BNB Chain network and stole ~$1 million from users.

Rubic Lost ~$1.4 Million

Another Christmas “gift” from hackers was a hack of the cryptocurrency exchange Rubic. This was reported by analysts from PeckShield. 

The hacker modified the protocol for adding tokens and sent fake USD Coin (USDC) to the router's whitelist. As a result, the hacker managed to steal funds from 49 user addresses that had granted an allowance to the RubicProxy contract. The project team warned the community about the risk and suspended all operations on the exchange.

The amount of stolen funds is estimated at ~$1.4 million, 1,100 ETH of which the hacker immediately sent to the Tornado Cash mixing protocol. Hackers are breaking productivity records in 2022, having stolen twice as much in digital assets this year as in 2021.

Author: Ana Bustos García