Blocked Platypus Attack: Industry's First Counter-Exploitation of a Hacker's Contract
Dec 21 2023

Since BlockSec’s debut in 2021, we have long maintained that code auditing alone cannot solve Web3 security issues. Therefore, we have been investing in exploring new paradigms for Web3 security. Thus we created Phalcon Block, the world's first crypto hack-blocking system.

Before the launch of Phalcon Block, the system had been running internally for 2 years, successfully blocking over 20 hacks, and rescuing more than 14 million USD worth of assets, including 3.8 million for Saddle Finance, 2.4 million for Platypus, 5 million for ParaSpace, and more.

In this series of articles, we will present representative successful stories of our system Phalcon Block. Today let's take a look at the industry's first counter-exploitation of a hacker's contract that rescued $2,400,000.

How We Blocked the Attack Against Platypus

On Feb 16, 2023, Platypus Finance suffered an attack and lost $9 million. Interestingly, the attacker made a huge mistake—they forgot to code the logic that would withdraw the funds from the attack contract. Fortunately, we found a way to leverage the attack contract to rescue $2M.

The attacker's contract has a function (flashloan's callback) that, when called, approves the transfer of USDC to the Platypus's contract. Although initially used for attack, now we can use it to approve the transfer of USDC from the attacker's contract to Platypus' contract.

Next, we wrote a PoC and verified that this rescue scheme works! We shared this solution with Platypusdefi and worked closely with them, successfully recovering $2.4 million USDC in this transaction.

BlockSec has always been at the forefront of crypto security. We work tirelessly to analyze and research every security incident and do everything we can to safeguard funds. Because we know that we're not just protecting numbers, we're protecting the lives of crypto users.

On July 12th, the Platypus faced another attack and the team responded quickly to minimize the damage. Immediate response is key! Yet, automated defenses like Phalcon Block can further minimize the damage.

How to Access the Service

Since the launch of Phalcon Block in November, we have gradually opened access to the system. The access process is as follows:

  1. Book a demo presentation
  2. We will reach out to you to schedule a demo meeting
  3. Our security experts will complete the integration of your protocol

Let Phalcon Block build a defense line for your protocol. It doesn't require much work on the protocol side and would never bring in additional risk. It's just like a shield providing an additional layer of safety. Book a demo now!

About Phalcon Block

Phalcon Block is an attack monitoring and automated blocking platform launched by BlockSec. The platform is capable of accurately identifying attacks and automatically blocking them. Phalcon Block aims to provide comprehensive post-launch security protection for Web3 projects, including continuous monitoring, attack blocking, and emergency response, safeguarding on-chain assets for protocol providers, LPs, and DAO organization participants.

To date, Phalcon Block has successfully blocked over 20 hacker attacks, rescuing more than $14 million in assets. Even in the early customer stage, Phalcon Block gained recognition and a grant from the top DeFi protocol Compound and established an attack-blocking platform for it.


Twitter: @Phalcon_xyz


See More Success Stories of Phalcon Block

Sign up for the latest updates
#10: ThirdWeb Incident: Incompatibility Between Trusted Modules Exposes Vulnerability
Security Insights

#10: ThirdWeb Incident: Incompatibility Between Trusted Modules Exposes Vulnerability

This blog shows the vulnerability and attack caused by Incompatibility of commonly used modules.

#9: MEV Bot 0xd61492: From Predator to Prey in an Ingenious Exploit
Security Insights

#9: MEV Bot 0xd61492: From Predator to Prey in an Ingenious Exploit

On August 3, 2023, an MEV Bot on Arbitrum was attacked, resulting in $800K in loss. The root cause of this attack was **Insufficient User Input Verification**.

#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks
Case Studies

#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks

On April 9, 2023, SushiSwap became the target of an exploit due to an Unverified External Parameter. The total loss is about $3.3 million.

BlockSec uses cookies and other identifiers to analyze our traffic in accordance. We also share information about your use of our site with our analytics partners. By remaining on this website, you consent to our use of cookies and the Privacy Policy.