Platypus Finance Falls Victim to Another Flash Loan Exploit, Losing $2 Million
Platypus Finance, a decentralized finance (DeFi) protocol, has been targeted by yet another flash loan exploit, resulting in a loss of over $2 million. The hack was first reported by blockchain security firm PeckShield on October 12th. As a result, Platypus Finance temporarily suspended all pools.
Specific Targeting of AVAX-sAVAX Liquidity Pool
On-chain data suggests that the hackers specifically targeted the AVAX-sAVAX liquidity pool. CertiK’s investigation revealed that two malicious entities stole approximately $1.3 million worth of wrapped AVAX (WAVAX) and around $913,000 in liquid-staked AVAX (sAVAX). However, Platypus Finance has not yet released a post-mortem report to confirm the exact amount stolen.
“Due to suspicious activities in our protocol, we have taken the proactive measure of temporarily suspending all pools. Further updates will be communicated to the community in a timely manner. Thank you for your patience and understanding during this time.”
A History of Attacks
Platypus Finance operates as an Automated Market Maker (AMM) protocol on the Avalanche blockchain, primarily focusing on stablecoin exchange. In 2021, the platform secured $3.3 million in funding led by Three Arrows Capital, which has since declared bankruptcy.
This is not the first time Platypus Finance has fallen victim to a flash loan attack. In February, the protocol experienced a devastating loss of over $8.5 million. The attackers exploited a vulnerability in Platypus Finance’s native stablecoin’s USP solvency check mechanism, deceiving the smart contracts into believing it was fully backed.
In an effort to recover from the previous attack, the team behind Platypus Finance successfully retrieved approximately 61.7% of the initial losses suffered by their liquidity pools. They also accessed a reserved treasury and initiated a second phase of recovery in September.
Hot Take: The Need for Improved Security Measures
The recent flash loan exploit on Platypus Finance highlights the ongoing security challenges faced by DeFi protocols. As attackers continue to exploit vulnerabilities, it is crucial for platforms to prioritize robust security measures and conduct regular audits to identify and address potential risks.
While Platypus Finance has taken proactive steps by suspending pools and initiating investigations, the incident serves as a reminder of the need for continuous vigilance and improvement in DeFi security practices. Only by implementing stringent security measures can platforms protect user funds and maintain trust in the DeFi ecosystem.
By
By
By
By
By