DeFi Protocol Platypus Recovers Millions in Stolen USDC After Hack
DeFi protocol Platypus recently suffered a hack, resulting in almost $9.1 million being lost.
However, blockchain security firm BlockSec was able to recover at least 2.4 million USDC, freeze $8.5 million in the contract they were transferred to, and accidentally receive $380,000 from a second attempt to exploit back to Aave.
The attacker could only cash out $270,000, as revealed by MetalSleuth, a visualization tool from Blocksec.
BlockSec retrieved the stolen funds by exploiting a loophole in the attacker’s contract, taking advantage of a callback function that approved USDC to the project’s contract and withdrew it from the attacker’s contract.
During the callback function, the attacker hardcoded the logic to approve USDC to the project’s contract, which is a proxy. This callback function was used in the attack, as it lacked access control.
READ MORE: Ethereum: Supply on Exchanges Rapidly Declines After the Merge
BlockSec’s successful recovery of the stolen funds demonstrates the importance of blockchain security measures in protecting assets and mitigating losses.
Alexander Stefanov
Reporter at CoinsPress
Alex is an experienced finance journalist and a cryptocurrency and blockchain enthusiast. With over five years of experience covering the industry, he deeply understands the complex and constantly evolving world of digital assets. His insightful and thought-provoking articles provide readers with a clear picture of the latest developments and trends in the market. His passionate approach allows him to break down complex ideas into accessible and insightful content. Follow up on his content to be up to date with the most important trends and topics - stay ahead of the curve with CoinsPress.
