Summary: In a recent development, the individuals behind the $8.5 million hack of Platypus Finance in February 2023 have been cleared of criminal charges by a French court. The court ruled that their use of a flawed smart contract did not constitute fraud. The defendants, identified as Mohammed and Benamar M., were arrested a week after the hack with the help of information from crypto analyst ZachXBT and Binance.
Details: According to a report in Le Monde, Mohammed, aged 22, faced several charges related to the attack, while his brother was charged with receiving stolen goods. Prosecutors sought a five-year prison sentence for Mohammed. However, the defendants were acquitted after Mohammed claimed to be an “ethical hacker” who intended to return the funds to the protocol and receive a 10% bonus.
During the flash loan attack, Mohammed mistakenly locked away millions of dollars of stolen funds, managing to recover only around $270,000. In a counter-hack, Platypus was able to salvage $2.4 million in USDC. The court found that since Mohammed accessed a publicly available smart contract, charges related to unauthorized access did not apply. Additionally, the use of Platypus’s vulnerable “emergency withdrawal” smart contract was deemed not fraudulent by the court.
As a result, charges related to money laundering and receiving stolen goods were also dropped. However, the court cautioned the brothers that Platypus could pursue civil action against them. The judges emphasized that while criminal charges did not stand, the decision was not a blanket approval.
This verdict brings attention to the complexities surrounding crypto-related legal cases and highlights the challenges in defining ethical hacking within the rapidly evolving digital landscape.