Decentralized finance protocol Platypus recovered 2.4 million USDC from yesterday's 9 million exploit with the help of smart contract audit firm BlockSec, the team announced on Twitter.
We have successfully recovered the 2.4 million USDC from the attacked contract: https://t.co/lpDYQtu9bf
— Platypus 🔺 (🦆+🦦+🦫) (@Platypusdefi) February 17, 2023
We would like to express our gratitude to @BlockSecTeam for their time and effort in helping us achieve a successful outcome. We are truly thankful for their assistance!
According to MetaSleuth, a crypto funds visualization and analysis tool powered by BlockSec, the attacker could only cash out $270,000 of the almost $9.1 million in stolen funds from Platypus. The first attack, which resulted in a loss of approximately $8.5 million, have been frozen in the attacked contract, while the second attack, which resulted in additional $380,000, was mistakenly transferred to Aave, on-chain data show.
@Platypusdefi was exploited resulting in a total loss of ~$9.05M. Although the project suffered significant losses from the three attacks, the attacker was only able to control a total of ~$270K from the third attack. The exploiter's initial fund came from @FixedFloat
— MetaSleuth (@MetaSleuth) February 17, 2023
After… https://t.co/XCrVB7khzK https://t.co/ckq4XWPexg
Daniel Von Fange @danielvf revealed how Playtpus hack stolen funds have been recovered:
In a dazzling reverse hack, a substantial chunk of the Playtpus hack stolen funds have been recovered.
Here's how it worked: (1/4)
The attacker forgot to code any way collect the funds after stealing them, so the funds were locked in the attack contract.
They also neglected Flash Loan 101 and allowed anyone to call the flash loan callback code. No check that they had started the flash loan. 2/4
This allowed @BlockSecTeam and the project to retrigger the hack, but with one major twist - the project contracts had been upgraded to steal back from the attacker during the hack. 3/4
The attack sequence involved taking flash loaned USDC, approving it, and depositing into the project.
But during the retrigger, the attack code used its own stolen USDC to approve and deposit instead.
The new project code simply took the attacker's USDC and ran with it. 4/5
This was some magnificent recovery work by @BlockSecTeam. Definitely people to have on your side when things go bad. 5/5
All Comments