Skip to main content
Sign in

Ploutos Money

avoid.net/ploutos-money12/100·78% conf.
[AI-DRAFTED · AWAITING VERIFICATION][src:defillama]
anchored·5BTZ3e…EGoT

Summary

Ploutos Money was a multi-chain DeFi lending and leveraged farming protocol, forked from Aave v3.0.2, that operated across Ethereum, Arbitrum, Hemi, Hyperliquid, Avalanche, Polygon, Base, Plasma, and Katana. On February 26, 2026, the protocol lost approximately $388,000 (187.36 ETH) after its USDC price oracle was misconfigured to reference Chainlink's BTC/USD feed instead of the correct USDC/USD feed. Immediately following the exploit, the team deleted its website, GitHub repository, and all social media accounts without issuing any warning or post-mortem, prompting on-chain security firms CertiK and BlockSec to conclude that the incident was an inside job rather than an external attack.

Connected Entities

1 entities
Organizations
Ploutos Money
Relationships
    Have evidence about Ploutos Money?

    Timeline(10 events)

    2025-01-01

    Ploutos Money launches as a multi-chain Aave v3.0.2 fork across Plasma, Arbitrum, Polygon, Base, and Katana, advertising leveraged lending and farming features.

    2026-02-01

    Arbitrum integration with Ploutos announced, expanding the protocol's multi-chain footprint per TradingView/Coindar announcement.

    2026-02-26

    At approximately 05:00 UTC, the USDC oracle on Ploutos Money is misconfigured to reference Chainlink's BTC/USD feed instead of the USDC/USD feed (block 24538896). One block later (block 24538897), an attacker borrows 187.36 ETH using only 8 USDC as collateral. $388,000 is drained across Hemi, Ethereum, Arbitrum, Hyperliquid, and Avalanche deployments.

    2026-02-26

    Immediately following the exploit, the Ploutos Money website, GitHub repository, X account, and all social media are deleted. No incident notice or post-mortem is issued.

    2026-02-26

    CertiK and BlockSec flag the oracle misconfiguration and subsequent exploit in real time. Both firms document that the protocol's website and social accounts have been deleted.

    2026-02-27

    Hemi Network issues an official statement confirming the exploit, stating its core protocol is unaffected, warning users against following unverified Telegram recovery instructions, and publishing 12 contract addresses requiring permission revocation.

    2026-02-27

    Pseudonymous investigator Tanuki42 links the Ploutos exploiter wallet to at least four additional hacks, including two Moonwell incidents totaling approximately $1.8 million in bad debt.

    2026-03-01

    BlockSec includes the Ploutos Money exploit in its weekly Web3 security incident roundup for February 23 to March 1, 2026, providing detailed block-level technical analysis.

    2026-03-13

    On-chain trackers observe 182 ETH moving to wallet 0x640fb638efcc086f5e95536678087e14a2e96ab, which then swaps holdings to stablecoins and disperses to nine or more additional wallets.

    2026-03-21

    A victim account published on Medium documents a $300,000 individual loss and partial recovery of approximately $210,000 via blockchain forensics firm AYRLP, with FBI IC3 and FTC complaints filed.

    Provenance & Audit Trail
    Anchored on SolanaVerify on-chainsrc:defillama

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 5/4/2026, 2:54:13 AM

    last updated: 5/29/2026, 3:59:56 PM

    avoid.net — verified advice for a post-truth world