Flash loan exploit appears to be behind Platypus USD stablecoin attack

Quick Take

  • Platypus’ stablecoin, Platypus USD, suddenly dropped more than 52%, and the on-chain evidence points to a flash loan exploit.

Platypus USD (USP) lost its dollar parity on Thursday following an apparent exploit that allowed a wallet to siphon off about $8.5 million from the token's liquidity pools, just weeks after Platypus issued the stablecoin.

The presumed hack was accomplished by means of a flash loan exploit, in which an attacker takes out an enormous loan and settles it in the same block, sandwiching in between the transactions that use the capital to exploit other protocols. The Platypus swap function on the network has been disabled since the attack.

“There has been a flash-loan attack on USP,” a pinned message in the official Platypus Telegram channel warns users. “We are currently trying to assess the situation and will communicate promptly on it. For now all operations are paused until we get more clarity.”

The alleged attacker appears to have taken out a $44 million flash loan from Aave V3, and in turn minted some 41 million US Platypus tokens. Next, the attacker cashed out some $8.5 million into other stablecoins, and paid back the flash loan. These actions all took place in the same block of transactions, on-chain data show.

“The vulnerability lies in the solvency checking in the function emergencyWithdraw of the MasterPlatypusV4 contract,” web3 security firm Certik told The Block.

“The solvency check doesn’t take into account the value of the user’s debt. It only checks whether the debt amount has reached the max limit,” Certik said. “After the solvency check passes, the contract allows the user to withdraw all deposited assets.”
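The flaw described above can be shown in a simplified Python model. This is an added example, not code from the MasterPlatypusV4 contract or from Certik. The 95% borrow limit, the position values, all function names and the hardened check are assumptions made for illustration.

```python
from dataclasses import dataclass

BORROW_LIMIT_BPS = 9_500  # assumed max debt: 95% of collateral value (constructed)


class InsolventError(Exception):
    pass


@dataclass
class Position:
    collateral: int  # value of deposited assets
    debt: int        # stablecoin minted against that collateral


def max_debt(collateral: int) -> int:
    return collateral * BORROW_LIMIT_BPS // 10_000


def unbacked_debt(pos: Position) -> int:
    """Invariant probe: debt not covered by the limit on remaining collateral."""
    return max(0, pos.debt - max_debt(pos.collateral))


def emergency_withdraw_flawed(pos: Position) -> int:
    # Check as described in the article: only "has debt reached the max limit?",
    # evaluated on the position as it stands before the withdrawal.
    if pos.debt > max_debt(pos.collateral):
        raise InsolventError("debt over limit")
    paid_out, pos.collateral = pos.collateral, 0  # all deposits leave; debt stays
    return paid_out


def emergency_withdraw_checked(pos: Position) -> int:
    # Assumed hardening: judge solvency on the state the withdrawal would leave.
    if pos.debt > max_debt(0):
        raise InsolventError("outstanding debt must be repaid first")
    paid_out, pos.collateral = pos.collateral, 0
    return paid_out


def demo() -> dict:
    a, b = Position(1_000, 900), Position(1_000, 900)  # constructed positions
    flawed_out = emergency_withdraw_flawed(a)
    try:
        emergency_withdraw_checked(b)
        blocked = False
    except InsolventError:
        blocked = True
    return {"flawed_out": flawed_out, "unbacked": unbacked_debt(a), "blocked": blocked}
```

Running `unbacked_debt` over every position after each state-changing call is the kind of invariant a test suite or on-chain monitor can assert to catch this class of accounting bug.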

The borrowing history of the attacker address.

With the pool’s liquidity drained in the previous block, the remaining 33 million tokens reside in the attacker’s wallet, unable to be traded.

USP is now trading around $0.47 after dropping by just over 52%.

Chart data from CoinGecko.

Platypus did not immediately respond to a request for comment from The Block.

Correction: Updated to correct Platypus' formal name. 


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Authors

Jeremy Nation is a senior reporter at The Block covering the greater blockchain ecosystem. Prior to joining The Block, Jeremy worked as a product content specialist at Bullish and Block.one. He also served as a reporter for ETHNews. Follow him on Twitter @ETH_Nation.
Osato is a news reporter at The Block as part of the crypto ecosystems team that focuses on DAO governance, staking, blockchain layers, and DeFi. He was previously a news reporter at Cointelegraph. Based in Lagos, Nigeria, he enjoys crosswords, poker, and attempting to beat his Scrabble high score. Follow him on Twitter at @OsatoNomayo.

Editor

Editors of this story: Madhu Unnikrishnan and Nathan Crooks.