Only ten days after the Platypus hack on the Avalanche blockchain, the National Police have arrested two suspects who are believed to be behind the events. Nevertheless, a large part of the stolen funds would have been lost.
Two suspects arrested by the National Police for the Platypus hack
This weekend, the National Police said they have arrested two people, suspected of being behind the hack suffered by the decentralised finance protocol (DeFi) Platypus (PTP) about ten days ago:
Cybercrime]The PoliceNationale put an end to a large-scale scam for a loss of 9.5 millionon a US cryptocurrency exchange company.
2 individuals arrested and summoned to court.
s seizure of €210,000 in cryptocurrenciesPoliceJudiciaire pic.twitter.com/rKKuG95cWh– Police nationale (@PoliceNationale) February 24, 2023
While the loss was initially announced at $8.5 million, it has been re-evaluated at $9.5 million.
Although this attack is far from record-breaking in terms of the amount of money stolen, it is a particularly notable case because of the speed of the investigation.
As a reminder, onchain investigator ZachXBT was able to trace the attacker back to a link between the various addresses, pointing to an Ethereum Name Service (ENS) using the same handle as his social networks:
Hi @retlqw since you deactivated your account after I messaged you.
I’ve traced addresses back to your account from the @Platypusdefi exploit and I am in touch with their team and exchanges.
We’d like to negotiate returning of the funds before we engage with law enforcement. pic.twitter.com/oJdAc9IIkD
– ZachXBT (@zachxbt) February 17, 2023
Are most of the stolen funds lost?
The recklessness of the attacker, as well as the responsiveness of the various stakeholders, led to this swift arrest which took place on Wednesday. For their part, the Platypus teams thanked the National Police, ZachXBT, but also Binance:
Update: @PoliceNationale have arrested and summoned 2 suspects who were reportedly exploiting our platform.
Thanks to the assistance of @binance and @zachxbt in tracing their identities.
Kudos to the prompt action by the authorities!– Platypus (++) (@Platypusdefi) February 25, 2023
The two suspects are two brothers, aged 18 and 20, the older one allegedly led the attack, while the younger one benefited from the stolen money. In total, they would have been able to recover “only” the equivalent of 270,000 euros, and the police were able to seize 210,000, most likely from the Binance account of the person concerned. Both individuals were placed under judicial supervision pending a court summons, following police custody.
For its part, Platypus had already been able to recover 2.4 million USD. As for the remaining sum, it was reported to AFP that it was “beyond anyone’s reach”.
In reality, it seems that these words refer to several million dollars of stablecoins, stored on a smart contract created by the attacker. We can see this on Snowtrace, the explorer of the Avalanche C-Chain, the blockchain on which Platypus operates:
Address of a smart contract involved in the Platypus hack
So the real question is whether law enforcement is simply waiting for a court order to confiscate the private keys giving control of these funds, or whether the attacker has actually lost control over this smart contract, in which case these stablecoins would effectively be lost forever.
For its part, Platypus announces that the USP pool targeted by the attack will resume operation tomorrow. In addition, affected users will have access to a page offering them a visual of their assets before the hack, so they can claim compensation in the future:
We’re pleased to inform our users that we are now working on a page that will enable you to check your pre-attack balance, post-attack USP-related actions, and the amount you’ll be eligible to claim once the first compensation is ready.
It will be available on Feb 27th.– Platypus (++) (@Platypusdefi) February 25, 2023
