A potential suspect has been identified over the $8.5 million attack on decentralized finance protocol Platypus, which saw $8.5 million drained from the protocol.
Blockchain security firm CertiK first reported the flash loan attack on the Avalanche-based stable swap platform through a tweet on Feb.16, alongside the alleged attacker’s contract address.
According to CertiK, nearly $8.5 million has been already been moved. As a result, the Platypus USD stablecoin became de-pegged from the U.S. dollar, pada 52.2% na 0.478 dolara u vrijeme pisanja.
Vidimo a #flashloan napad na @Platypusdefi što rezultira potencijalnim gubitkom od ~8.5 miliona dolara.
Tx AVAX: 0x1266a937c2ccd970e5d7929021eed3ec593a95c68a99b4920c2efa226679b430
Stay Frosty! pic.twitter.com/AM2HOM5M2r
— CertiKAlert (@CertiKAlert) Februar 16, 2023
Platypus later confirmed the hack on Twitter, while a moderator of Platypus’ Telegram group confirmed that Platypus has halted trading.
“The attacker used a flashloan to exploit a logic error in the USP solvency check mechanism in the contract holding the collateral.”
Platypus confirmed a loss of “8.5 million” from its main pool and said that deposits were covered at 85%. Other pools were unaffected. The company has contacted the hacker to negotiate a bounty for the return of the funds.
Tether Holdings has frozen the USDT stolen, and Platypus had reached out to Circle and Binance to freeze other stolen tokens.
Draga zajednica,
Sa žaljenjem vas obavještavamo da je naš protokol nedavno hakovan, a napadač je iskoristio nedostatak u našem USP mehanizmu za provjeru solventnosti. Iskoristili su flash zajam da iskoriste logičku grešku u USP mehanizmu za provjeru solventnosti u ugovoru koji sadrži kolateral.— Platypus (++) (@Platypusdefi) Februar 17, 2023
A tweet from crypto “on-chain sleuth” ZachXBT has called out a now-deleted Twitter account going by @retlqw, alleging that the addresses identified by Platypus are linked to the account.
“I’ve traced addresses back to your account from the @Platypusdefi exploit and I am in touch with their team and exchanges. We’d like to negotiate returning of the funds before we engage with law enforcement,” said ZachXBT.
Platypus’ official Twitter account has also retweeted the message from ZachXBT
Hi @retlqw pošto ste deaktivirali svoj nalog nakon što sam vam poslao poruku.
Pratio sam adrese do vašeg računa od @Platypusdefi exploit i ja sam u kontaktu sa njihovim timom i razmenama.
Željeli bismo pregovarati o vraćanju sredstava prije nego što stupimo u kontakt sa policijom. pic.twitter.com/oJdAc9IIkD
— ZachXBT (@zachxbt) Februar 17, 2023
Blic napad je ista metoda koja se koristi by Avi Eisenberg when he allegedly manipulated the price of Mango Markets’ MNGO coin in October. Eisenberg said shortly after the exploit that he believed “all of our actions were legal open market actions, using the protocol as designed.” Eisenberg was arrested on fraud charges na decembar 28.
Update Feb. 17, 4:53 am UTC: Added a tweet from ZachXBT relating to the possible identity of the Platypus flash loan attacker.
Source: https://cointelegraph.com/news/platypus-defi-faces-flash-loan-attack-according-to-certik