Member
- Joined
- Oct 14, 2023
- Messages
- 225
- Thread Author
- #1
The Platypus Finance DeFi project on the Avalanche network fell victim to an attack, losing about $2 million in digital assets. PeckShield analysts were the first to notice this.
After the hack was reported, the project temporarily stopped all liquidity pools "due to suspicious activity."
The attacker probably used an instant loan exploit targeting AVAX-sAVAX pools. Official comments about the vulnerability have not yet been received.
Platypus was already attacked in February of this year, as a result of which an unknown person withdrew assets worth $8.5 million. In addition, the stablecoin of the USP project lost its peg to the dollar after the hack.
The team reported that the hacker took advantage of an instant loan and a logical error in the solvency verification mechanism in the collateral contract. Later, the French police detained the suspects in the attack.
The funds in the main pool of Platypus covered approximately 35% of user deposits. Developers still pay compensation for the "stable coin"that has lost its binding. In total, they returned about $1.3 million.
According to Immunefi, in the third quarter, the industry's losses from hacking and fraud reached $685.5 million — 59.9% more than in the same period last year.
Update: total loss >$2mYou do not have permission to view link Log in or register now.
— PeckShieldAlert (@PeckShieldAlert) October 12, 2023
After the hack was reported, the project temporarily stopped all liquidity pools "due to suspicious activity."
Due to suspicious activities in our protocol, we have taken the proactive measure of temporarily suspending all pools.
Further updates will be communicated to the community in a timely manner.
Thank you for your patience and understanding during this time.
— Platypus (@Platypusdefi) October 12, 2023
The attacker probably used an instant loan exploit targeting AVAX-sAVAX pools. Official comments about the vulnerability have not yet been received.
Platypus was already attacked in February of this year, as a result of which an unknown person withdrew assets worth $8.5 million. In addition, the stablecoin of the USP project lost its peg to the dollar after the hack.
The team reported that the hacker took advantage of an instant loan and a logical error in the solvency verification mechanism in the collateral contract. Later, the French police detained the suspects in the attack.
The funds in the main pool of Platypus covered approximately 35% of user deposits. Developers still pay compensation for the "stable coin"that has lost its binding. In total, they returned about $1.3 million.
Update on USP compensation
1/ We used the reserved treasury for the 2nd round of compensation today.
Please note that volatile asset values have fluctuated since the plan's inception, resulting in a total refund of around 1.3m.
Compensation Page:You do not have permission to view link Log in or register now.
— Platypus (@Platypusdefi) September 26, 2023
According to Immunefi, in the third quarter, the industry's losses from hacking and fraud reached $685.5 million — 59.9% more than in the same period last year.