The DeFi protocol Aave developed flash loans in 2020, which made lending and borrowing simpler without collateral. In layman’s language, a crypto loan is taken out and repaid within the same transaction in a flash loan. But, this facility attracted bad actors to take huge loans and then use the amount to manipulate the market in their favor. Such malicious activity is referred to as a flash-loan attack
The DeFi protocol, Platypus, became the latest victim of the flash loan attack, which saw the hacker drain approximately $8.5 million.
Team Works on Recovery Plan
Platypus Finance is a stablecoin swap on the Avalanche blockchain. Recently, it launched its stablecoin USP on Feb. 6. The attackers conducted a flash loan attack by exploiting a logic error in the USP solvency check mechanism.
After the attack, the USP lost its peg and was trading at around $0.47, but now the stablecoin has almost recovered its peg.
According to the latest Discord message from the admin, the team will soon release a “full recovery and action plan.”
ZachXBT Tracks Down Identity of Attacker
The on-chain sleuth ZachXBT traced down the wallet addresses of the attacker to a Twitter account, “retlqw.” He reached out to the potential attacker to negotiate the return of the fund, but the person deactivated their Twitter and Instagram accounts.
As the team froze a significant portion of the fund, the community believes that the hacker does not have a chance of negotiating a bounty negotiation.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.