ChainCatcher news, according to The Block, a French court has declared the suspects in the $8.5 million hacking case of the stablecoin trading project Platypus Finance not guilty. The suspects were arrested a week after the hacking incident, following information provided by cryptocurrency detective ZachXBT and Binance that helped French police track down the two brothers.It is reported that the defendants claimed to be "ethical hackers," asserting that they obtained the funds in order to return them to the protocol, hoping to receive 10% of the total amount as a reward. Under this defense, the defendants were acquitted.

ChainCatcher news, according to the French newspaper Le Monde, the two hackers of the stablecoin trading project Platypus on the Avalanche chain were acquitted by the court. The two hackers, Mohammed M. and Benamar M., stole approximately $8.5 million. French authorities accused Mohammed of counterfeiting and maintaining automated data processing systems, fraud, and money laundering, while Benamar was charged with receiving stolen assets. However, Mohammed claimed to be a "white hat hacker," hoping to "recover funds from the Platypus platform to return later," and sought a "10% bonus of the total amount" paid by the company, after which he was acquitted.Previously, according to monitoring by CertiK, the stablecoin Platypus USD on Avalanche experienced a flash loan attack, resulting in a total asset loss of approximately $9 million.

ChainCatcher news, the stablecoin trading project Platypus Finance on the Avalanche chain stated on the X platform that users can now withdraw refunds (for users with stolen funds) on Platypus. The portion of shares deposited through aggregators is not included; please wait for further announcements from the aggregators.Previously, on October 17, Platypus claimed to have recovered 90% of the stolen funds and will subsequently announce withdrawal arrangements.

ChainCatcher news, the stablecoin trading project Platypus Finance, which was previously attacked, stated that it is calculating the amount of funds to be reimbursed to each user, including funds from aggregators. Platypus Finance plans to start distributing the funds that need to be reimbursed next week.Previous report, on October 12, according to monitoring by PeckShield, the stablecoin trading project Platypus Finance was suspected of being hacked, resulting in a loss of approximately $1 million in AVAX.

ChainCatcher news, the stablecoin trading project Platypus Finance announced on social media that the development team is conducting an investigation to determine the root cause of the vulnerability in this incident. For safety reasons, its mining pool will remain paused until the fundamental issue is identified and corrected, and its platform will undergo another round of audits.Due to the uncertain duration of this investigation, Platypus Finance will arrange refunds for all existing LPs, and detailed withdrawal instructions will be shared with the community in the coming days. Additionally, Platypus is currently in contact with the hacker, attempting to initiate negotiations.

ChainCatcher news, the stablecoin trading platform Platypus stated in a post on X that an attack on October 12 resulted in approximately $2.2 million in losses for the sAVAX-AVAX pool. With the help of the security platform Supremacy, they successfully recovered about 50,000 sAVAX and 7,000 AVAX from one of the exploiters. The team is working closely with security experts to identify and rectify the vulnerabilities. Platypus will not restart the liquidity pool until these issues are thoroughly resolved and security measures are strengthened.

ChainCatcher news, according to monitoring by PeckShield, the stablecoin trading project Platypus Finance is suspected of being hacked, resulting in a loss of approximately 1 million dollars in AVAX.

ChainCatcher news, the security team Slow Mist tweeted that the stablecoin trading project Platypus on the Avalanche chain has been attacked again. Due to the oversight of the price difference between the two pools during token exchange via CoverageAratio, users were able to deposit USDC and then withdraw more USDT for arbitrage. Arbitrageurs profited approximately 50,000 USDC in this manner.

ChainCatcher news, the stablecoin trading project Platypus Finance on the Avalanche chain has launched a compensation page for victims of the hack, where users can view their balances before the attack and actions taken after the attack. If there are any discrepancies, users can submit a Google form with supporting evidence. The submission deadline is March 4th, 7:59 AM Beijing time. The team will prepare the first compensation payment within three months after receiving feedback and completing calculations.Previously reported, Platypus announced on February 17th that its stablecoin USP suffered a loss of approximately $8.5 million due to a hacker flash loan attack and is exploring compensation options. (source link)

ChainCatcher news, according to a tweet from the French police department, two attackers who exploited a flash loan to cause a loss of $9 million to the DeFi protocol Platypus have been arrested by French authorities.Previous report stated that on February 17, Platypus hackers exploited a vulnerability in the platform's solvency check mechanism to steal $9.2 million in digital assets. Platypus has recovered $2.4 million and $687,000 in BUSD, and has collaborated with Tether to freeze $1.5 million in USDT. Currently, the French police have seized approximately $220,000 worth of cryptocurrency. (CoinDesk)

ChainCatcher news, DeFi protocol Platypus Finance stated that after managing to recover a portion of the 9 million dollars lost from the protocol last week, it will refund users at least 63% of the funds.It is reported that the protocol is also collaborating with the cryptocurrency exchange Binance to confirm the identity of the attacker. The hacker used a Binance account that made withdrawal requests through KYC. Platypus has stated that it has contacted law enforcement and filed a complaint in France.ChainCatcher previously reported that last week, a hacker exploited a vulnerability in the platform's solvency check mechanism to steal 9.2 million dollars worth of digital assets. (Source link)

ChainCatcher news, the Avalanche ecosystem StableSwap project Platypus announced that it is formulating a user loss compensation plan and reminded users not to repay the stablecoin USP. In addition, liquidation has been paused, and users do not need to worry about liquidation issues.Platypus also stated that some funds are trapped in AAVE, so it is exploring a possible way to recover these funds, which will need to be proposed and passed through a recovery proposal on the AAVE governance forum.ChainCatcher previously reported that on February 17, Platypus stated that its native stablecoin USP had suffered a hack and is formulating a comprehensive recovery plan, and will keep the community updated on the latest developments. (source link)

ChainCatcher news, according to The Block, after the Avalanche ecosystem StableSwap project Platypus was hacked, at least $2.4 million in funds have been recovered with the help of blockchain security company BlockSec. BlockBeats previously reported that Platypus stated on February 17 that its native stablecoin USP suffered a flash loan attack, where the attacker used a flash loan to exploit a logical error in the USP repayment capability check mechanism within the contract holding collateral. The main pool lost a total of $8.5 million. (Source link)

ChainCatcher news, Slow Mist founder Yu Xian stated on social media regarding the $8.5 million stolen from Platypus today that after reverse engineering the attack contract, it was found that the attacker did not implement a withdrawal function in the contract, resulting in the attack profits being unable to be extracted, and the $8.5 million is sealed within the attack contract.According to CoinGecko data, USP (Platypus USD) has now depegged to $0.479. (source link)

According to ChainCatcher news, monitoring from Beosin EagleEye, a security risk monitoring, early warning, and blocking platform under the blockchain security audit company Beosin, shows that the Platypus project contract on the Avalanche chain has suffered a flash loan attack. The Beosin security team analyzed that the attacker first borrowed 44 million USDC through a flash loan and then called the deposit function of the Platypus Finance contract to stake, which would mint an equivalent amount of LP-USDC for the attacker. Subsequently, the attacker staked all LP-USDC into pool number 4 of the MasterPlatypusV4 contract, and then called the positionView function to calculate the borrowable balance using the _borrowLimitUSP function. The _borrowLimitUSP function returns a percentage of the value of the collateral staked by the attacker in MasterPlatypusV4 as the borrowing limit, allowing the attacker to mint a large amount of USP (profit point) through the borrow function.Due to the attacker having a large amount of debt (USP) from borrowing against LP-USDC, under normal logic, they should not have been able to withdraw the collateral. However, the emergencyWithdraw function check mechanism of the MasterPlatypusV4 contract had issues, only checking whether the user's borrowing amount exceeded their borrowLimitUSP (borrowing limit) without checking whether the user had repaid the debt, allowing the attacker to successfully withdraw the collateral (44 million LP-USDC).After repaying the 44 million USDC flash loan, the attacker was left with 41,794,533 USP, and then exchanged the profit in USP for various stablecoins worth $8,522,926.

ChainCatcher news, according to CertiK monitoring, the project Platypus on Avalanche experienced a flash loan attack on its stablecoin Platypus USD, resulting in a total asset loss of approximately $9 million. Most of the stolen funds remain in the attacker's contract address, while some funds have been sent to EOA and AAVE pools.The vulnerability seems to lie in the emergencyWithdraw function's validation for the MasterPlatypusV4 contract, which only fails when the borrowed assets exceed the borrowing limit. The function then continues to process the transfer of all users' deposit assets without considering the value of the assets borrowed by the users. The official Platypus Telegram channel stated that USP was subjected to a flash loan attack and is currently working to assess the situation, with all activities paused. (source link)

ChainCatcher news, the Avalanche ecosystem StableSwap project Platypus announced the launch of its native stablecoin USP, which is an over-collateralized stablecoin pegged to the US dollar. Platypus stated that the stablecoin will use the TVL of its stablecoin swap protocol as LP collateral, and will also utilize the algorithm of the stablecoin swap protocol as a mechanism to maintain the peg.ChainCatcher previously reported that in December 2021, Platypus completed a $3.3 million funding round, led by Three Arrows Capital and DeFiance Capital, with participation from 0xVenturesDAO and Avalanche. (source link)