Visualy ®
December 4, 2023

Ethical Hacker Claims Leave Platypus DeFi Protocol $8.5M Short


In a surprising turn of events, a French court has allowed two brothers, Mohammed M. and Benamar M., to walk free despite their involvement in an $8.5 million theft from the decentralized finance (DeFi) protocol Platypus. The brothers' defense that they were acting as 'ethical hackers' swayed the court's decision, leaving Platypus to grapple with the financial aftermath.

The Flash Loan Attack on Platypus

The incident, which unfolded on February 16, involved the exploitation of a code error in Platypus’s system. The hackers utilized a flash loan attack, a method that involves borrowing large amounts of cryptocurrency and manipulating the market to profit, to drain $8.5 million from the protocol. This maneuver forced Platypus to suspend its trading services temporarily.

Investigation and Tracing of Stolen Funds

Following the attack, Binance’s security team, along with independent crypto investigators, traced the stolen funds, leading to the identification of Mohammed and Benamar M. as the perpetrators. The brothers were taken into custody on February 24, awaiting trial.

Court Hearing and Defense as Ethical Hackers

During the court hearing on October 26, the brothers admitted to stealing and funneling the funds but claimed to be 'ethical hackers.' They proposed returning the funds in exchange for 10% of the total amount stolen, likening their actions to a bug bounty attempt. Remarkably, the court accepted this defense and cleared them of all criminal charges.

Complications and Inaccessible Funds

Despite the court's decision, the situation remains complex. A significant portion of the stolen funds, amounting to 7.8 million euros in cryptocurrency, became trapped in a wallet, rendering them inaccessible.

Further Challenges for Platypus

The legal outcome comes amid continued challenges for Platypus. The DeFi protocol recently suffered another significant loss in a separate flash loan exploit, resulting in a combined loss of around $2.2 million in three separate attacks.

Conclusion: A Precedent in DeFi Legal Cases

The case sets a unique precedent in the world of DeFi and cryptocurrency. It raises questions about the ethical implications of hacking and the legal boundaries within the rapidly evolving DeFi sector. For Platypus, the recovery from these financial setbacks remains an ongoing challenge, highlighting the vulnerabilities and legal ambiguities in the world of decentralized finance.

Latest posts


Stay updated with our latest news!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Follow Us