Platypus Finance, a DeFi protocol based on the Avalanche blockchain, has recently disclosed that the platform will recompense the consumers who suffered in the exploit. The exploit took place a few days back, and nearly $9 million was drained from the protocol in the end. In the latest development, the platform has published a blog post on Medium and declared that it would provide 63% of its assets.
Platypus Finance to Provide 63% of the Recovered Funds to the Victims of the Recent Exploit
The exploit comprised a 3-phase attack in which the hacker took benefit of a vulnerability in the solvency check apparatus of the platform. Subsequently, the hacker remained successful in taking away huge amounts in many crypto assets taking into account Binance USD (BUSD), Tether (USDT), USD Coin (USDC), and Maker (DAI).
The protocol operated in collaboration with the prominent crypto exchange platform Binance for the confirmation of the hacker’s identity. The exploiter utilized an account based on Binance to carry out the attack. The respective account experienced know-you-customer (KYC) checks while a withdrawal request was made. Platypus revealed that it communicated with law enforcement along with submitting a complaint in the jurisdiction of France.
1st of the three consecutive attacks performed by the hacker was the most severe. A cumulative amount of nearly $8.5M was drained in stablecoins due to the 1st attack. The above-mentioned stablecoins were taken away by the attacker from the main pool of the protocol. On noticing the incident, Tether took immediate action and froze up to $1.5 million USDT out of the cumulative stolen amount.
In the 2nd attack, the exploiter erroneously transacted stablecoins of $380,000 worth to Aave (a lending protocol). In this respect, a proposal has been submitted by Platypus to the governance forum of the Aave protocol to release the respective assets. After the 2nd attack, the 3rd attack effectively took away almost $287,000 amount of the swindled assets. The respective assets were labeled as unrecoverable and lost.
After the exploitation, the attacker utilized the crypto mixer named Tornado Cash as well as Aztec Network (an encryption service) to ensure that the assets become anonymous or untraceable. As a part of the recovery plan made by the platform, 63% of the assets existing in the main pool of Platypus are to be provided to the users who were the victims of the exploit.
After the attack, the platform’s pool was left with just 35.4% of the funds of the cumulative funds. In addition to this, the pre-attack assets’ 17.7%, as well as a 2.4 million worth of USD Coin, has been recovered by the decentralized finance protocol. Platypus also mentioned in its blog post that another 10.4% proportion of the pre-attack funds (approximately 1.4 million) in the treasury of the platform would additionally be utilized for compensation.
As per the company, the respective amount had not been utilized by it for the victims’ compensation. Nevertheless, it asserted to use them to recompense the losses of the liquidity providers within the upcoming six months in the case of no recovery of the stolen funds.
Tether Awaits Approval from Aave’s Governance Forum to Recover 78% of Exploited Assets
It added that the firm is communicating with diverse parties to assist it in recreating stablecoins drained in the exploit. Apart from that, Tether has confirmed that the frozen USDT tokens will be reminted by them if their proposal is approved by Aave. In this way, Tether will likely recover almost 78% of the stolen funds.