- Euler’s Finance’s hacker sent a message to an
- EUL’s price rose after hacker’s transactions.
On 20 March, Euler Finance’s hacker sent a message to an Ethereum [ETH] address related to the DeFi platform. After Euler issued an on-chain ultimatum demanding the funds’ return, the hacker offered to start a dialogue.
The message, embedded in an Ethereum transaction, read:
“We want to make this easy on all those affected. No intention of keeping what is not ours… Setting up secure communication. Let us come to an agreement.”
After several hours, Euler responded with its own on-chain message, acknowledging the message and asking the exploiter to speak “in private.”
On March 13, the DeFi platform was attacked with a flash loan exploit, draining approximately $196.9 million in various cryptocurrencies.
We are aware and our team is currently working with security professionals and law enforcement. We will release further information as soon as we have it. https://t.co/bjm6xyYcxf
— Euler Labs (@eulerfinance) March 13, 2023
This loot included $8.7 million in DAI stablecoin and $18.5 million in Wrapped
[WBTC]. Around $135.8 million in Staked Ethereum [stETH] and $33.8 million in
[USDC] were also stolen.
A few days later, Euler Finance offered the hacker 10% of the $200 million stolen in exchange for returning the rest within 24 hours. When that did not happen, Euler Finance formally announced a $1 million reward for information on the hacker and the return of all funds.
Today the Euler Foundation is launching a $1M reward in the hope that this provides additional incentive for information that leads to the Euler protocol attacker’s arrest and the return of all funds extracted by the attacker.
— Euler Labs (@eulerfinance) March 15, 2023
However, on 16 March, the hacker transferred funds associated with the Euler exploit to the Tornado Cash mixing service. The 10 transactions totaled 1,000 ETH (worth $1.74 million at the time of writing).
Other transactions from the exploiter’s wallet address also include 3000 ETH sent back to Euler Finance on 18 March, as well as funds sent to a possible apparent victim of the exploit.
Strategy for @eulerfinance exploit.Yesterday the Hacker returned 3k eth (~5 mio USD) of the stolen ~200 mio USD to Euler.To be exact the first transfer took place at 6:53 AM and this is where things are getting interesting. pic.twitter.com/OFxb4d59ze