In recent months, the cryptocurrency sector has been marked by a series of security breaches that have understandably raised concerns within the digital currency community.

The decentralised finance (DeFi) protocol, Platypus, recently suffered a severe setback, losing over $2 million in assets due to a flash loan exploit on its platform.

This unfortunate incident led to the suspension of all the protocol's pools as an immediate response to the attack.

CertiK, a blockchain security platform, has identified three separate attacks on the DeFi platform, resulting in a combined loss of $2.23 million across these exploits.

Security firm PeckShield also provided insights into the nature of this breach and confirmed that the AVAX-sAVAX liquidity pool was the primary target, with flash loans being the likely method of attack.

Platypus Finance Latest Security Breach

In the initial breach, the attacker made off with $1.2 million from the platform.

A second attack ensued shortly which resulted in the theft of $575,000 worth of assets.

Astonishingly, just a minute later, a third attack occurred, resulting in the loss of an additional $450,000 in assets.

This security incident is reminiscent of an earlier breach suffered by Platypus Finance earlier this year, raising concerns about its vulnerability.

What Is A Flash Loan Attack?

This latest incident serves as a stark reminder of the potential dangers associated with flash loans, a crucial mechanism in DeFi.

Flash loans were initially designed to empower users by granting them access to funds without requiring collateral, as long as they repay the loan within the same transaction block.

Unfortunately, attackers have exploited vulnerabilities in DeFi protocols, using flash loans to manipulate market conditions to their advantage and profit within the tight confines of a single transaction block.

In simple terms, a flash loan attack is when someone borrows cryptocurrency for a brief moment, stirs up trouble in the crypto world, and then gives it back, leaving everyone else bewildered and potentially facing losses.

It is a bit like a magical trick, but with real money and real consequences.

Platypus Finance Suspends All Pools

In response to this recent breach, Platypus Finance has taken the precautionary measure of suspending all pools, mirroring actions taken after previous security incidents.

The company cited "suspicious activities" on their protocol as the reason for this suspension.

Platypus Finance posted on X (formerly known as Twitter) that with @Supremacy's help, $575k had been recovered.

Platypus Finance Falls Victim To Attacks Thrice in 2023

Regrettably, this is not the first time Platypus Finance has fallen victim to such attacks in 2023.

In February, the platform incurred an $8.5 million loss in a similar exploit, which also led to the depegging of the Platypus USD (USP) stablecoin, causing its price to plummet from $1 to $0.48.

Another flash loan exploit in July resulted in the loss of approximately $157,000.

In response, the DeFi protocol established a compensation portal in March, aimed at helping victims recover their lost assets from the February attack.

This portal allowed users to verify the amount of compensation they were eligible for and voice their concerns before the distribution of funds.

Besides recovering $575k from one of the exploiters, Platypus Finance is currently working closely with security professionals to "identify and rectify vulnerabilities."