Blockchain security company BlockSec recently helped the Platypus protocol recover $2.4 million in stolen money. MetalSleuth, a visualization tool from Blocksec, discovered that of the nearly $9.1 million in stolen monies from Platypus, the attacker could only pay out $270,000. The remaining $8.5 million of the stolen money has been frozen in the contract where it was transferred, and another $380,000 from a second exploit attempt was unintentionally routed back to Aave.
BlockSec’s strategy for exploiting the attacker’s contract flaw centered around getting back some of the stolen money for Platypus. Yajin Zhou, co-founder of BlockSec, told The Block, “By leveraging this loophole, the project can transfer the funds from the attacker contract to the project’s account.” Using the proof of concept BlockSec produced, the project was able to recover $2 million. Zhou also said that $8 million in assets were left stranded because the attacker contract lacks a transfer function.
To get back the crypto, BlockSec used a callback function in the attacker’s contract. Zhou said, “The attack was launched through the flash loan callback interface in the attack contract. This callback function has no access control. And during this callback function, the attacker hardcoded the logic to approve USDC to the project’s contract (which is a proxy).”
The Platypus Stablecoin Exchange Project was hacked with an estimated loss of $9 million. The project was hacked through flash loans on AVAX. The cause is believed to stem from a vulnerability in verifying the MasterPlatypusV4 contract using the EmergencyWithdraw function.
Blockchain security is becoming increasingly important in the cryptocurrency space. With the amount of money at stake, it is important to have a secure system in place to prevent theft. BlockSec is a company that specializes in blockchain security and has helped many projects recover stolen funds.
In addition to helping projects recover stolen funds, BlockSec also provides a range of other services. These services include auditing, code review, and security consulting. The company also offers a variety of tools to help developers identify and fix vulnerabilities in their code.
BlockSec is a leading blockchain security provider and has helped many projects recover stolen funds. The company’s commitment to security makes it an invaluable asset in the cryptocurrency space. By providing projects with the tools and expertise they need to protect their funds, BlockSec is helping to ensure the safety of the cryptocurrency industry.
The cryptocurrency industry is constantly evolving, and security is becoming more important than ever. With the help of companies like BlockSec, projects can rest assured that their funds are safe and secure. By using the latest security technologies, BlockSec is helping to ensure the safety of the cryptocurrency space.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your research before investing.
