Euler Finance Hacker Returns Majority of Stolen Funds

In a dramatic turn of events, the hacker behind the $196 million exploit on the lending protocol Euler Finance has returned the majority of the stolen assets. According to on-chain data, on March 25th, the exploiter returned 51,000 ETH and 7,737 ETH worth over $101 million at the time of writing. The hacker had previously sent 3,000 ETH to the protocol on March 18th, worth nearly $5.4 million at the time. However, the exploiter still controls some of the stolen assets.

The Euler Finance hack took place on March 13th, when the hacker carried out multiple transactions, stealing nearly $196 million from the protocol in a flash loan attack. This attack is considered the largest decentralized finance (DeFi) hack of 2023. The stolen assets included 8.8 million Dai (DAI), 849,000 Wrapped Bitcoin (WBTC), 85 million Staked Ether (stETH), and 34 million USD Coin (USDC).

After a few days, the hacker sent an on-chain message to Euler Finance, calling for an agreement with the protocol. In the message, they stated that they had “no intention of keeping what is not ours” and that they wanted to make things easy on those affected. The protocol had previously tried to negotiate with the exploiter, requesting that they return 90% of the stolen funds within 24 hours or face legal action. However, no response was received, and Euler Finance offered a $1 million bounty reward for any information leading to the capture of the exploiter.

The hacker has made other transactions, including a transfer of 1,000 ETH Smart Staking (NETH) worth approximately $1.65 million at the time, through sanctioned crypto mixer Tornado Cash. However, blockchain analytics firm PeckShield reported that around 100 ETH was sent to a wallet address likely owned by one of the victims. An on-chain message sent by the wallet address had earlier pleaded for the attacker to return their “life savings.”

The return of the majority of the stolen funds is good news for Euler Finance and its users, but the incident highlights the need for better security measures in the DeFi space. Despite the growing popularity of DeFi, the industry remains vulnerable to hacks and exploits. The Euler Finance hack is just the latest in a series of high-profile attacks on DeFi protocols, and it is a stark reminder that investors must remain vigilant and cautious when participating in DeFi.


Tagged : / / / / /

Euler Finance Suffers Flash Loan Attack, Loses Millions in Multiple Cryptocurrencies

On March 13, 2023, Euler Finance, an Ethereum-based noncustodial lending protocol, became the victim of a flash loan attack. The attacker managed to steal millions in various cryptocurrencies, including Dai, USD Coin, staked Ether, and wrapped Bitcoin. According to on-chain data, the exploiter carried out multiple transactions and stole nearly $196 million, making it the largest hack of the year.

The breakdown of stolen funds is as follows: $87 million in Dai, $51 million in USDC, $40 million in stETH, and $17 million in WBTC. Euler Finance has not yet made an official statement regarding the attack, and it remains unclear whether the stolen funds will be recovered.

Crypto analytic firm Meta Seluth stated that the attack is related to a deflation attack that occurred one month ago. The attacker used a multichain bridge to transfer the funds from the Binance Smart Chain (BSC) to Ethereum and launched the attack today. ZachXBT, another prominent on-chain sleuth, reiterated the same and said that the movement of funds and the nature of the attack seem quite similar to the black hats that exploited a BSC-based protocol last month.

The attack on Euler Finance highlights the risks associated with flash loans, which are uncollateralized loans that allow traders to borrow large amounts of capital without putting up any assets as collateral. Flash loans have become increasingly popular in the DeFi space and have been used in several high-profile attacks, including the $600 million hack of Poly Network in August 2021.

Flash loan attacks are a growing concern for the DeFi ecosystem, and several projects have taken steps to mitigate the risks associated with these loans. For example, Aave, a popular DeFi lending platform, has implemented a cooldown period for flash loans, requiring borrowers to wait for a period before taking out another loan. Similarly, Compound Finance has implemented a fee on flash loans to deter attackers.

Euler Finance is just the latest DeFi project to fall victim to a flash loan attack, highlighting the need for better security measures in the DeFi ecosystem. As the DeFi space continues to grow, it is essential to implement robust security measures to protect users’ funds and prevent attacks like these from happening in the future.


Tagged : / / / / /
Bitcoin (BTC) $ 38,165.23 0.66%
Ethereum (ETH) $ 2,045.19 0.36%
Litecoin (LTC) $ 70.19 0.66%
Bitcoin Cash (BCH) $ 223.67 0.26%