Popular automated market maker (AMM), Platypus has suffered yet another flash loan exploit. The decentralized finance protocol lost about $2.2 million worth of virtual assets across three attacks that took place today. In response to the attack, the DeFi platform has suspended all of its pools.
Presently, the future of the AMM is presently under doubt. Within 2023 alone, Platypus suffered three different exploits on its protocol. Meanwhile, popular blockchain security firm Certik provided insights into the recent attack on the DeFi platform.
As revealed, the first of the three attacks that took place today claimed about $1.2 million from Platypus. The second attack manifested a few hours after, extracting $575,000 worth of crypto assets from the AMM. Less than a minute later, the attacker carried out the third exploit and went away with $450,000. In total, the three attacks that took place today claimed $2.2 million worth of crypto assets from Platypus.
Due to that, the security structure of the AMM is enduring stern scrutiny from concerned members of the crypto community. However, Platypus made major headlines during the crypto boom of 2021. Entering the market as an automated market maker (AMM) protocol, the platform attracted $3.3 million worth of investment in 2021 through a funding round. The now-defunct 3AC led the funding round.
Background into the recent hacks on Platypus
In 2023, the DeFi platform lost about $11 million to cyber attacks. Recall that on February 21, 2023, Binbits reported an exploit on the Platypus which claimed about $9 million from its protocol. After the attack manifested, the DeFi platform initiated a community-driven attempt to reclaim the stolen funds. Nonetheless, the efforts were fruitless.
Similarly, the February 2023 attack on the DeFi protocol orchestrated the de-pegging of Platypus’s stablecoin (USP). It pushed the value of the stablecoin from $1 to $0.48. Consequently, in March, the AMM designed a compensation website for those who lost their funds to the exploitation. With the platform, Platypus determined the severity of the attack and verified the claims of the affected users.
Likewise, in another separate flash loan attack in July 2023, Certik reported that hackers stole about $157,000 from the protocol. It is worth mentioning that while carrying out a flash loan attack, the attacker usually exploits a bug that would aid them in borrowing digital assets instantly. Leveraging this bug, the protocol will not mandate that the attacker provides collateral before accessing the loans.