DeFi Protocol Platypus loses $2.2M in Exploit
Platypus, a DeFi protocol, suffered multiple attacks resulting in a loss of $2.23M. The platform temporarily suspended all pools to prevent further losses.
Platypus, a DeFi protocol, faced a series of attacks that drained over $2.23 million from its vault. On October 12, the first attack was launched, siphoning off $1.2 million from the platform. A few hours later, a second attack ensued, leading to a loss of $575,000. Merely a minute after the second attack, a third exploit was executed, resulting in a loss of $450,000. In response to these malicious activities, Platypus took quick action by temporarily suspending all its pools to prevent further losses.
Due to suspicious activities in our protocol, we have taken the proactive measure of temporarily suspending all pools.
Further updates will be communicated to the community in a timely manner.
Thank you for your patience and understanding during this time. — Platypus ???? (????+????+????) (@Platypusdefi) October 12, 2023
Platypus operates as an automated market maker (AMM) protocol. It facilitates the automatic trading of digital assets using liquidity pools, a departure from traditional markets that rely on buyers and sellers. In 2021, the platform successfully raised $3.3 million in a funding round spearheaded by Three Arrows Capital, which has since declared bankruptcy.
In a Flash Loan attack, malicious actors exploit vulnerabilities that allow them to borrow cryptocurrency instantaneously without offering the requisite collateral for the transaction.
This recent exploit isn't the first time Platypus has been targeted. CertiK, a blockchain security platform, highlighted that 2023 saw three attacks on the protocol. On February 16, Platypus lost a whopping $8.5 million due to a similar flash loan exploit. This incident also had a cascading effect on the Platypus USD (USP) stablecoin, causing its price to plummet from $1 to $0.48.
Later in the year, in July, another flash loan attack resulted in a loss of around $157,000. To address the February exploit, Platypus established a compensation portal in March. This portal was designed to assist victims in verifying their compensation amounts and voicing any concerns before the distribution of funds.