Platypus Finance, a leading decentralized finance (DeFi) protocol operating on the Avalanche network, encountered a serious security breach that resulted in a loss of more than approximately $2 million, according to information disclosed by cybersecurity firm PeckShield.
Platypus Finance Faces Over $2 Million Deficit on Avalanche Network
In response to the breach, Platypus Finance took immediate action by temporarily suspending all liquidity pools.
The project released a statement, saying, “Due to suspicious activity in our protocol, we have taken the necessary measures to temporarily suspend all repositories. Further updates will be communicated to the community in a timely manner.”
The vulnerability in question is thought to be a flash loan attack that specifically targets the AVAX-sAVAX liquidity pool.
Flash loans are a distinctive feature of decentralized finance and allow users to borrow assets without collateral, provided the loan is repaid within the same block of transactions.
Unfortunately, attackers have found ways to exploit this functionality by manipulating market prices or exploiting vulnerabilities in DeFi protocols.
An attacker can artificially influence market conditions by borrowing large sums of money and exploit the resulting inequalities before closing the loan within a single block of transactions.
This incident is not the first example for Platypus Finance. In a similar incident that occurred in February 2023, the protocol was the victim of a flash loan attack targeting the newly launched stablecoin USP. During this incident, an estimated $8.5 million was siphoned off from the project.
*This is not investment advice.