Blockchain security company CertiK reported on February 16 that it had discovered a flash loan attack on the Avalanche-based stablewap platform Platypus DeFi. The blockchain security firm posted the news in a tweet, along with the attacker’s contract address.
We see a #flash loan attack on @Platypusdefi resulting in a potential loss of ~$8.5M.
Tx AVAX: 0x1266a937c2ccd970e5d7929021eed3ec593a95c68a99b4920c2efa226679b430
Stay Frosty! pic.twitter.com/AM2HOM5M2r
— CertiK Alert (@CertiKAlert) February 16, 2023
According to sources, almost $8.5 million has been transferred. As a result, the Platypus USD stablecoin became depegged and is down 52.2% to $0.478 at the time of writing.
. @Platypusdefi The new stablecoin has been exploited for approximately 8m pic.twitter.com/hNLkiG4l8D
– Speakaway (@speakaway) February 16, 2023
The flash attack is the same method used by Avi Eisenberg when he allegedly manipulated the price of Mango Market’s MNGO coin in October. Eisenberg said shortly after the exploit that he believed “all of our actions were legitimate open market actions, using the protocol as designed.”
Platypus has yet to make a public statement about the incident.