DeFi protocol Platypus loses $8.5 million due to instant loan attack

The Platypus decentralized finance protocol based on the Avalanche blockchain was attacked, during which the hacker managed to steal about $8.5 million worth of crypto assets.

The Platypus platform reported that the attacker took out an instant loan using a logical error in the solvency check mechanism in the collateral contract. An unknown person was able to withdraw assets from the main pool. As a result of the actions of the hacker, the stablecoin Platypus USD lost its peg to the US dollar, falling by 52.2% to $0.47.

Platypus has suspended all operations on the platform. At the moment, the funds in the main pool of Platypus cover only 35% of user deposits. Funds in another pool are not affected. The Platypus team is negotiating with the hacker for a refund in exchange for a reward. The platform has also asked Binance, Tether and Circle to freeze the stolen funds to prevent further losses.

According to DefiLlama, in March last year, the volume of funds locked in the Platypus protocol reached an all-time high of $1.25 billion.. Now this figure is about $40.7 million.

This is not the first time that hackers have used instant loans attacks.. Last fall, the DeFi protocol New Free DAO, powered by Binance Smart Chain, was subjected to similar frauds.. His NFD token crashed 99%.