Platypus Recovers 90% of Stolen Funds from Recent Exploit

Decentralized finance (DeFi) protocol Platypus has made significant strides in recovering assets stolen in a recent exploit. On 17 October 2023, the protocol announced via its Twitter handle, Platypusdefi, that it had successfully negotiated with the exploiter and recovered 90% of the funds siphoned off from the sAVAX pool during an exploit on 12 October 2023. The recovery reduced the net loss to approximately 18,000 AVAX. The announcement came as a relief to the Platypus community, who had been on tenterhooks since the exploit occurred.

The episode on 12 October 2023 was not the first time Platypus had been targeted. The protocol had suffered two previous flash loan attacks in 2023, losing $8.5 million in February and around $157,000 in July. Platypus had since been on a mission to enhance its security infrastructure to prevent further occurrences. However, the attacks in October, where three consecutive exploits led to a loss of over $2 million, demonstrated the persistent vulnerabilities within the protocol’s system. The hackers managed to extract $1.2 million in the first attack, $575,000 in the second, and $450,000 in the third, all within a span of hours.

Platypus acknowledged the crucial role that the community played in resolving the crisis swiftly. The community’s support facilitated the quick identification and resolution of the hacking incident, enabling a prompt response. The protocol expressed its gratitude towards its community members for their assistance during this trying period.

In light of these attacks, Platypus halted all pools and initiated a thorough investigation to pinpoint the root cause of the recurrent exploits. The protocol is also making arrangements for the withdrawal of all existing liquidity providers and is in the process of sharing detailed withdrawal instructions with its community. Additionally, the DeFi protocol has been working on a compensation plan for users who lost their assets in the previous attacks, demonstrating its commitment to making amends and ensuring such security breaches are averted in the future.

Meanwhile, efforts to bring the culprits to book saw some success earlier in the year when French police arrested two suspects related to the February hack, seizing around $222,000 worth of crypto assets on 25 February 2023. This action was supported by crypto investigator ZachXBT and the Binance exchange, showcasing a collaborative effort in combating crypto-related crimes.

Image source: Shutterstock


Tagged : / / / / / / /

THORSwap Resumes Operations with Enhanced Security Measures to Combat Illicit Funds Transfer

In light of recent concerns regarding the potential transfer of illicit funds, THORSwap, a decentralized exchange (DEX) powered by the multichain THORChain protocol, resumed operations on October 13, 2023, following a temporary shutdown earlier this month. The platform took the step to enhance its security measures and ensure a safer trading environment for its users.

On October 6, 2023, in response to growing concerns about the movement of illicit funds through its platform, THORSwap transitioned into “maintenance mode”. This decision was informed by consultations with advisors, legal counsel, and law enforcement agencies. The aim was to curtail any further potential illicit activity and work on a more robust solution to prevent such incidences in the future.

The latest announcement from THORSwap reveals that the platform is now back online, with users able to resume trading over 5,500 assets across 10 blockchains directly from their self-custody wallets. While the user interface remains largely unchanged, the platform has updated its terms of service and partnered with an industry leader to fortify its security infrastructure. These measures are intended to impede the flow of illicit funds through the platform.

While the temporary shutdown was not well-received by a section of the community, the move reflects THORSwap’s long-term commitment to ensuring a secure and compliant trading platform. This commitment to security is not just crucial for THORSwap, but also holds significance for the larger decentralized finance (DeFi) ecosystem, especially at a time when other platforms like the Yield Protocol have opted to shut down due to rising regulatory pressures and lack of business demand.

THORSwap acknowledged that additional fine-tuning might be required in the coming days to ensure the effectiveness of the new security measures. They have encouraged users to report any issues they encounter on the platform via Discord.

The actions taken by THORSwap highlight the challenges decentralized exchanges face in ensuring compliance with regulatory standards, particularly concerning the prevention of illicit funds transfer. The security enhancements adopted by THORSwap set a precedent for other DEXs in the industry striving to balance user privacy with regulatory compliance.

Image source: Shutterstock


Tagged : / / / / / / / / /

Stars Arena Recovers Majority of Stolen Crypto

Web3-based social media platform, Stars Arena, has made a significant recovery of the crypto assets lost during a security breach on October 7, 2023. As per the update shared on October 11, 2023, via a tweet, the platform successfully reclaimed approximately 90% of the stolen funds. The total amount stolen was 266,104 Avalanche (AVAX) tokens, which, at the time, had a market value of around $3 million, as reported by Blockchain.News. The recovery came after the platform reached a settlement with the individual responsible for the exploit. The compromised funds were returned, excluding a 10% bounty fee given to the exploiter, which amounted to 26,610 AVAX, plus an additional 1,000 AVAX that was apparently lost in a bridge during the exploit, totaling a 27,610 AVAX bounty.

Stars Arena received back a sum of 239,493 AVAX, processed in two separate transactions, each comprising 119,246 AVAX. The bounty, valued at nearly $257,000 at the time, served as a compensatory measure for the individual responsible for the exploit.

Following the recovery, Stars Arena has taken strides to bolster its security framework to prevent similar incidents in the future. The platform disclosed that it has developed a new smart contract to secure the returned funds before re-launching. As a part of the ongoing effort to enhance security, the platform is in the final stages of conducting an audit on the new contract. Initially, on October 7, the platform had notified its community about the significant security breach caused due to a flaw in the smart contract that led to the draining of funds.

In a follow-up update, Stars Arena revealed that it has secured additional funding to address the security lapse and has engaged a development team to conduct a comprehensive security audit. However, details regarding the nature of the exploit have yet to be disclosed.

This wasn’t the first security issue faced by Stars Arena. Merely two days before the major exploit, on October 5, a smaller security breach occurred, though the hackers could only manage to steal around $2,000 worth of assets. The root cause was identified as a vulnerable price function in the platform’s smart contract, which allowed the exploiter to sell user shares at no cost and receive AVAX in return. The vulnerability was later patched by the platform.

The security challenges aren’t unique to Stars Arena as its main competitor,, has also witnessed targeted SIM-swap attacks. In response, has recently enhanced its security features to thwart such attempts.

Image source: Shutterstock


Tagged : / / / / / /

KuCoin Twitter Hack Leads to Loss of Funds

In a recent incident, the official Twitter account of the cryptocurrency exchange KuCoin was compromised by hackers, resulting in the loss of funds for some users who fell victim to a fake giveaway event. According to KuCoin, the hack lasted for almost an hour on April 24, 8 AM ET. During this time, the attackers posted a fake activity on KuCoin’s Twitter account to lure users into thinking that they were participating in an official event. The exchange identified 22 transactions that were involved in the incident and promised to reimburse the victims.

KuCoin has urged the victims to contact them for assistance and promised to implement better security measures to prevent similar incidents in the future. The exchange is also collaborating with Twitter in conducting further investigations into the incident. Despite the unfortunate incident, some community members commended KuCoin for its quick response to the attack.

However, the KuCoin Twitter hack is just one of many incidents where hackers have taken over official Twitter accounts of crypto exchanges and NFT projects to promote scams. In September 2022, the Twitter account of the crypto exchange CoinDCX was compromised and used to promote fake XRP advertisements. Similarly, in January 2023, the Twitter account of the trading platform Robinhood was taken over by hackers who promoted a crypto token.

The incident involving KuCoin also highlights the need for better security measures in the Web3 space, particularly in nonfungible token (NFT) projects. In January 2023, the Twitter account of the NFT project Azuki was hacked, resulting in losses of $758,000 in just 30 minutes.

In conclusion, the KuCoin Twitter hack serves as a reminder for crypto exchanges and NFT projects to strengthen their security measures to prevent similar incidents from happening in the future. While KuCoin pledged to reimburse the victims and improve their security, it is important for other platforms to take proactive steps to protect their users’ funds and information.


Tagged : / / / / /
Bitcoin (BTC) $ 44,574.94 2.65%
Ethereum (ETH) $ 2,372.84 0.01%
Litecoin (LTC) $ 77.76 4.74%
Bitcoin Cash (BCH) $ 253.80 2.85%