The platform of decentralized financing Platypus Finance, implemented on Avalanche technologies, will return to users about 63% of the funds that were stolen during the hacker attack. At the same time, some of the stolen funds have already been returned to the owners, judging by the Platypus blog post.
Recall that on February 16, the Platypus platform was hacked by an unknown attacker, which led to the theft of digital assets in the equivalent of more than $ 9 million. According to official information, the hacker took advantage of a vulnerability in the Platypus USD (USP) protocol.
The attacker used the Binance account to withdraw the stolen funds. In this regard, Platypus turned to representatives of the Binance crypto exchange to identify the attacker. Hacking of the platform led to the fact that the Platypus token lost more than 50% of the value of linking to USD.
The exploit took place after 3 consecutive attacks. During the first attack, there was a leak of $8.5 million in stablecoins, including USDC, USDT, DAI, BUSD and USDP. At the moment, the technical support service has managed to recover the stolen USDC in the amount of $ 2.4 million, as well as freeze the stolen USDT in the amount of $ 1.5 million. During the second attack, stablecoins in the amount of $380 thousand were mistakenly transferred to the Aave DeFi protocol. Platypus representatives sent a request to Aave for the return of these assets. During the third attack, $287 thousand of crypto assets were stolen. These funds are irretrievably lost, since the attacker transferred assets through the Tornado Cash crypto mixer and the Aztec Network encryption protocol.
Platypus blog reports that if the stolen funds cannot be returned within 6 months, assets from the platform’s treasury can be used to compensate the victims of the exploit. This action will cover the costs of theft by more than 63%, and in the case of defrosting of Tether funds, the total amount of refund will exceed 78%.