{"id":45447,"date":"2023-02-17T18:15:09","date_gmt":"2023-02-17T22:15:09","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=45447"},"modified":"2023-02-17T18:15:13","modified_gmt":"2023-02-17T22:15:13","slug":"platypus-finance-suffers-9m-hack-on-avalanche","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/platypus-finance-suffers-9m-hack-on-avalanche\/","title":{"rendered":"Platypus Finance Suffers $9M Hack On Avalanche"},"content":{"rendered":"\n<p>The <a href=\"https:\/\/coinscreed.com\/staging\/russia-based-sberbank-to-introduce-defi-platform-on-ethereum.html\" target=\"_blank\" rel=\"noreferrer noopener\">DeFi application, Platypus Finance<\/a> was the target of a $9 million attack according to the blockchain security firm CertiK.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460-1024x576.jpg\" alt=\"Platypus Finance Suffers $9M Hack On Avalanche\" class=\"wp-image-45449\" srcset=\"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460-1024x576.jpg 1024w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460-300x169.jpg 300w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460-768x432.jpg 768w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460-150x84.jpg 150w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460-750x422.jpg 750w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460-1140x641.jpg 1140w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460.jpg 1200w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Platypus Finance Suffers $9M Hack On Avalanche<\/figcaption><\/figure>\n\n\n\n<p>According to the report, a hacker took advantage of a feature in one of <a href=\"https:\/\/www.google.com\/search?q=Platypus+Finance+Suffers+%249M+Hack+On+Avalanche&client=opera&hs=hCR&ei=MJnvY6KkM4OX9u8PguG76Ak&ved=0ahUKEwii_IXa65z9AhWDi_0HHYLwDp0Q4dUDCA4&uact=5&oq=Platypus+Finance+Suffers+%249M+Hack+On+Avalanche&gs_lcp=Cgxnd3Mtd2l6LXNlcnAQAzIKCAAQ8QQQHhCiBDIKCAAQ8QQQHhCiBDIFCAAQogQ6EwgAEI8BEOoCELQCEIwDEOUCGAE6EwguEI8BEOoCELQCEIwDEOUCGAFKBAhBGABQlQxYlQxgmRJoAnABeACAAY4CiAGOApIBAzItMZgBAKABAaABArABCsABAdoBBAgBGAo&sclient=gws-wiz-serp\" target=\"_blank\" rel=\"noreferrer noopener\">Platypus' smart contracts<span class=\"wpil-link-icon\" title=\"Link goes to external site.\" style=\"margin: 0 0 0 5px;\"><svg width=\"24\" height=\"24\" style=\"height:16px; width:16px; fill:#000000; stroke:#000000; display:inline-block;\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:svg=\"http:\/\/www.w3.org\/2000\/svg\"><g id=\"wpil-svg-outbound-7-icon-path\" fill=\"none\" clip-path=\"url(#clip0_31_188)\">\r\n                            <path d=\"M9.16724 14.8891L20.1672 3.88908\" stroke-linecap=\"round\"\/>\r\n                            <path d=\"M13.4497 3.53554L20.5208 3.53554L20.5208 10.6066\" stroke-linecap=\"round\" stroke-linejoin=\"round\"\/>\r\n                            <path d=\"M17.5 13.5L17.5 16.26C17.5 17.4179 17.5 17.9968 17.2675 18.4359C17.0799 18.7902 16.7902 19.0799 16.4359 19.2675C15.9968 19.5 15.4179 19.5 14.26 19.5L7.74 19.5C6.58213 19.5 6.0032 19.5 5.56414 19.2675C5.20983 19.0799 4.92007 18.7902 4.73247 18.4359C4.5 17.9968 4.5 17.4179 4.5 16.26L4.5 9.74C4.5 8.58213 4.5 8.0032 4.73247 7.56414C4.92007 7.20983 5.20982 6.92007 5.56414 6.73247C6.0032 6.5 6.58213 6.5 7.74 6.5L11 6.5\" stroke-linecap=\"round\"\/>\r\n                        <\/g>\r\n                        <defs>\r\n                            <clipPath id=\"clip0_31_188\">\r\n                                <rect fill=\"white\" height=\"24\" width=\"24\"\/>\r\n                            <\/clipPath>\r\n                        <\/defs><\/svg><\/span><\/a> by using flash loans on the Avalanche (AVAX) blockchain.<\/p>\n\n\n\n<p>Stablecoins worth $44 million were added to the application by the attacker. The attacker may mint a comparable number of Platypus' USP stablecoins with the assets they took (41.79 million USP). <\/p>\n\n\n\n<p>The attacker then gained access to the first $44 million deposit and the newly created USP by abusing an <a href=\"https:\/\/coinscreed.com\/staging\/celsius-to-reopen-partial-withdrawals-for-users-who-qualify.html\" target=\"_blank\" rel=\"noreferrer noopener\">emergency withdrawal feature<\/a>. Before repaying the money, the attacker finally exchanged the USP for other assets.<\/p>\n\n\n\n<p>The total discrepancy, together with Platypus' anticipated loss, was $9 million. Although part of the stolen money has apparently been moved to certain pools, the majority reportedly still resides at the attacker's contract address. <\/p>\n\n\n\n<p>Such money can probably be repaid or recovered in part. The flash loan assault was confirmed by Platypus in a message posted on Telegram and Discord. It stated that it will suspend operations while it assesses the situation.<\/p>\n\n\n\n<p>This strategy is not exclusive to Platypus. Flash loans have recently been used to attack a number of additional DeFi platforms, including <a href=\"https:\/\/coinscreed.com\/staging\/mango-markets-exploiter-wants-bug-bounty-funds.html\" target=\"_blank\" rel=\"noreferrer noopener\">Mango Markets<\/a> in October, New Free DAO in September, Nirvana Finance in July, and Deus DAO in April.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The DeFi application, Platypus Finance was the target of a $9 million attack according to the blockchain security firm CertiK. According to the report, a hacker took advantage of a feature in one of Platypus&#8217; smart contracts by using flash loans on the Avalanche (AVAX) blockchain. Stablecoins worth $44 million were added to the application [&hellip;]<\/p>\n","protected":false},"author":43,"featured_media":45449,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11476],"tags":[2309,197,12002,13405],"class_list":["post-45447","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacks-and-scams","tag-avalanche","tag-defi","tag-hacks","tag-platypus-finance"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/02\/croc_1676670946460.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/45447","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=45447"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/45447\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/45449"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=45447"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=45447"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=45447"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}