In the fast-moving world of decentralized finance, few events can cause more upheaval than a major hack. So when Platypus Finance, a decentralized finance (DeFi) protocol for stablecoins, was drained of $9 million last week, it sent shockwaves through the community.
But now, the protocol has announced that it will repay a minimum of 63% of funds to users after it managed to recover a part of the stolen funds. The announcement was made in a blog post on Thursday, in which Platypus Finance also revealed that it had worked with crypto exchange Binance to identify the hacker’s identity. The exploiter had used a Binance account that had gone through know-your-customer checks for a withdrawal request.
Platypus Recovers Millions in Stolen Stablecoins with Help from Blockchain Security Firm and Tether, but Third Attack Leaves Funds Unrecoverable
To recover the stolen funds, Platypus Finance worked with blockchain security firm BlockSec to retrieve $2.4 million of stolen USDC stablecoins. Additionally, Tether froze $1.5 million of stolen USDT. However, some $287,000 worth of assets were stolen in the third attack and were considered unrecoverable as the exploiter had run them through a crypto mixer and encryption service.
The Platypus exploit consisted of three consecutive attacks, with the first and most severe draining a total of $8.5 million in stablecoins from the protocol’s main pool. Maker’s DAI, Paxos’ Binance USD, Tether’s USDT, and Circle’s USDC were among the stablecoins that were affected.
Platypus Proposes Recovery Plan to Aave and Offers Compensation to Hack Victims in the Wake of $9 Million Exploit
Platypus Finance said it had submitted a proposal to Aave’s governance forum to recover the $380,000 worth of stablecoins that were mistakenly transferred to the lending protocol in the second attack. Meanwhile, the protocol confirmed that it had not used its $1.4 million treasury to compensate victims of the hack, but might do so over the next six months if Platypus cannot recover more assets.
“This compensation plan ensures that a minimum of 63% of the funds will be distributed to users, regardless of any further update on fund recovery,” the Platypus post said. If Tether agrees to remint the frozen USDT to Platypus and Aave approves the recovery proposal, then 78% of user funds will be recovered.
Despite this setback, Platypus Finance has already revealed its plans to restart the stablecoin swap protocol next week, without its depegged stablecoin, USP. This incident is just the latest example of crypto’s rampant problem with hackers, with last year’s $3.8 billion in crypto assets stolen primarily from DeFi platforms such as Platypus, according to a report by blockchain security firm Chainalysis.
Source: CoinDesk
