Platypus DeFi faces flash loan attack, according to CertiK

Blockchain security firm CertiK reported on Feb. 16 that it has spotted a flash loan attack on Avalanche-based stableswap platform Platypus DeFi. The blockchain security firm posted the news in a tweet, alongside the attacker contract address.

#CertiKSkynetAlert We are seeing a #flashloan attack on @Platypusdefi resulting in a potential loss of ~$8.5M.Tx AVAX: 0x1266a937c2ccd970e5d7929021eed3ec593a95c68a99b4920c2efa226679b430Stay Frosty! pic.twitter.com/AM2HOM5M2r

— CertiK Alert (@CertiKAlert) February 16, 2023

According to the source, nearly $8.5 million has been already been moved. As a result, the Platypus USD stablecoin became depegged and dropped 52.2% to $0.478 at  time of writing.

. @Platypusdefi new stablecoin has been exploited for approximately 8m it appears pic.twitter.com/hNLkiG4l8D

— Spreek (@spreekaway) February 16, 2023

A flash attack is the same method used by Avi Eisenberg when he allegedly manipulated the price of Mango Markets’ MNGO coin in October. Eisenberg said shortly after the exploit that he believed “all of our actions were legal open market actions, using the protocol as designed.”

Platypus has not yet made a public statement on the incident.

yEarn Creator Says Recent Audits Don't Necessarily Mean the Project Is 100% Safe   Aug. 20, 2020
DeFi attacks are on the rise — Will the industry be able to stem the tide?   May 14, 2022
Web3 is the solution to Uber’s problem with hackers   Oct. 1, 2022
Developers need to stop crypto hackers — or face regulation in 2023   Nov. 3, 2022
Top 7 cybersecurity jobs in high demand   Feb. 26, 2023