French police have arrested two suspects believed to be responsible for the theft of $9.1 million in cryptocurrency from the US-based DeFi platform Platypus Finance. The two brothers, aged 18 and 20, have been arrested in Ile-de-France, just a few days after the hack was perpetrated.

The hackers targeted Platypus on February 17 in a series of flash loan attacks, exploiting a flaw in a key pricing mechanism of the platform. In the first attack they stole $8.5 million, $380,000 in the second, and $287,000 in the third. Inadvertently, the hackers sent the proceeds of the second attack to Aave, a lending protocol.

Of the $9 million in stolen assets, Platypus said it has recovered 2.4 million USDC and 687,000 BUSD. The company has also worked with Tether to freeze 1.5 million USDT.

As part of the arrest French police seized 210,000 euros ($222,000) worth of cryptocurrency.

The two hackers have been arrested after a blockchain investigator named ZachXBT had discovered a link between the attacker’s Twitter account and transactions in the blockchain. The Binance exchange platform also provided assistance in the investigation, Platypus said.