Platypus DeFi loses $2.2M in another flash loan exploit

cointelegraph.com:

Decentralized finance (DeFi) protocol Platypus has lost over $2 million in assets after suffering another flash loan exploit on its platform. The protocol suspended all of its pools in response to the attack. 

According to the blockchain security platform CertiK, the DeFi platform suffered three attacks, with $2.23 million taken in total across the exploits. On Oct. 12, the first attack took place, taking $1.2 million from the platform. A second attack occurred hours later, stealing $575,000 worth of assets from the platform. Just a minute later, the third attack had taken place, with $450,000 in assets lost.

Due to suspicious activities in our protocol, we have taken the proactive measure of temporarily suspending all pools.
Further updates will be communicated to the community in a timely manner.
Thank you for your patience and understanding during this time.

Platypus is an automated market maker (AMM) protocol that allows digital assets to be traded automatically by using liquidity pools instead of the more traditional markets where there are buyers and sellers. The platform raised $3.3 million back in 2021 in a funding round led by the now-bankrupt Three Arrows Capital. 

The DeFi platform suffered losses because of a flash loan exploit. In this type of attack, traders would exploit a vulnerability that would allow them to instantaneously borrow crypto without providing the necessary collateral for the transaction.

Related: Exploits, hacks and scams stole almost $1B in 2023: Report

CertiK noted that the recent flash loan attack is the third attack on Platypus in 2023. On Feb. 16, the protocol lost $8.5 million in a similar exploit, which also led to the de-pegging of the Platypus USD stablecoin, driving its price from