Platypus Stablecoin exploited
Thedefiant • February 19, 2023
Platypus Finance, a decentralized exchange (DEX), has fallen victim to a hacking attack that exploited an "emergency withdraw" function. The exploit took advantage of a flaw in the smart contract that governs the emergency withdrawal function, allowing the hackers to bypass the platform's security measures and drain the funds from the platform's liquidity pools. The hackers then used a technique known as "flash swapping" to launder the stolen funds through various DeFi platforms.
The Platypus team has acknowledged the attack and is working to recover the stolen funds. The team has also stated that it will implement additional security measures to prevent similar attacks in the future. This attack underscores the risks involved in investing in DeFi platforms, which are still in their infancy and are subject to a range of security vulnerabilities. However, it also highlights the importance of proper risk frameworks for investors to avoid such losses.
While the loss of funds from Platypus Finance is certainly a disappointment, it serves as a reminder that proper risk frameworks can mitigate the risks of investing in the rapidly evolving and often unpredictable world of DeFi. By staying informed and taking a cautious approach, investors can minimize their exposure to potential losses and strengthen the long-term viability of the DeFi ecosystem.
Fourstack Capital utilizes risk frameworks for all three layers in the technology stack. The frameworks encompass the protocol layer, network layer, and application layer. Platypus Finance did not pass the risk categories identified by Fourstack Capital and as such, there has been zero exposure to this platform. This showcases once again its function as the first line of defense when investing in different blockchain protocols.