Back to all stories
Blogs
Incident Analysis
Post Mortem: DefiLabs
1/7/2024
Post Mortem: DefiLabs

Project name: DefiLabs

Project type: DeFi

Date of rug pull: July 27th, 2023

Asset loss: $1.6M

Vulnerability: Rug pull

Date of audit report publishing: Aug 25th, 2022

Conclusion: Out of Audit Scope

Details of the Exploit

Background

DefiLabs is a DeFi project providing various DeFi services such as staking and exchange.

Nature of the Vulnerability

There is a privileged function withdrawFunds allowing the funder to withdraw all funds in the pool.

CertiK Audit Overview

defi1 defi2

Conclusion

On July 27th, 2023, DefiLabs was rug-pulled by a privileged function in the vPoolv6 contract, which is not audited by Certik.