DeFi Protocol ‘Platypus’ De-pegged after Flash Loan Attack

On February 16, Platypus Finance, a decentralized finance (DeFi) application was affected by a flash loan attack. as per CertiK, a smart contract security firm. In a tweet, CertiK informed that the hacker used flash loans resulting in $8.5 million worth of assets loss. As a result, the Platypus USD stablecoin (USP) became de-pegged from the US dollar. Currently, all operations on the platform have been paused.

Earlier on Friday, the Platypus community confirmed that the attacker targeted a loophole in the USP solvency verification process. “They used a flash loan to exploit a logic error in the USP solvency check mechanism in the contract holding the collateral,”

According to blockchain data, the attacker raised around $44 million for the flash loan from Aave, a lending platform. The borrowed money was used to fund a trading pool on Platypus and fooled smart contracts into releasing $44 million of Platypus’ LP token in return for LP-USDC. A flash loan is an uncollateralized loan where digital assets are repaid the borrowed amount in a single transaction.

At press time, the USP price was at $0.24, down by 0.10% in the last 24 hours. On Friday Platypus community assured the users that they were trying to contact the hacker to arrange a bounty in exchange for the return of exploited funds.

In recent months, other DeFi platforms have been targeted by flash loans, including Deus DAO in April, Nirvana Finance in July, New Free DAO in September and Mango Markets in October. As per US Blockchain analysis, cyber attackers stole 1.3 billion USD from cryptocurrencies, 97% of which was stolen from DeFi platforms between January and February 2022.

On Thursday, the Financial Stability Board (FSB) released a report on the financial stability risks on DeFi platforms. As per the report, DeFi is quite similar to traditional finance in terms of its functions or the risks it is exposed to. And the final crypto regulatory framework of FSB is expected to be released in July, as per the report.

DeFi’s unique characteristics may be triggered by vulnerabilities like “Operational fragilities, liquidity and maturity mismatches, leverage and interconnectedness,” the FSB said.

Disclaimer

The views and opinions stated by the author, or any people named in this article, are for informational purposes only and do not establish financial, investment, or other devices. Investing in or trading crypto assets comes with a risk of financial loss.

Latest posts by Andrew Smith (see all)

Source: https://www.thecoinrepublic.com/2023/02/20/defi-protocol-platypus-de-pegged-after-flash-loan-attack/