News

Euler Finance receives message from hacker via Ethereum, but no clarity yet

Published

on

Source: Unsplash

  • Euler’s Finance’s hacker sent a message to an Ethereum address.
  • EUL’s price rose after hacker’s transactions.

On 20 March, Euler Finance’s hacker sent a message to an Ethereum [ETH] address related to the DeFi platform. After Euler issued an on-chain ultimatum demanding the funds’ return, the hacker offered to start a dialogue.

The message, embedded in an Ethereum transaction, read:

“We want to make this easy on all those affected. No intention of keeping what is not ours… Setting up secure communication. Let us come to an agreement.”

After several hours, Euler responded with its own on-chain message, acknowledging the message and asking the exploiter to speak “in private.”

On March 13, the DeFi platform was attacked with a flash loan exploit, draining approximately $196.9 million in various cryptocurrencies.

This loot included $8.7 million in DAI stablecoin and $18.5 million in Wrapped Bitcoin [WBTC]. Around $135.8 million in Staked Ethereum [stETH] and $33.8 million in USD Coin [USDC] were also stolen.

A few days later, Euler Finance offered the hacker 10% of the $200 million stolen in exchange for returning the rest within 24 hours. When that did not happen, Euler Finance formally announced a $1 million reward for information on the hacker and the return of all funds.

However, on 16 March, the hacker transferred funds associated with the Euler exploit to the Tornado Cash mixing service. The 10 transactions totaled 1,000 ETH (worth $1.74 million at the time of writing).

Other transactions from the exploiter’s wallet address also include 3000 ETH sent back to Euler Finance on 18 March, as well as funds sent to a possible apparent victim of the exploit.

Unknown hacker mocking the system?

Johannes, a crypto Twitter user, pointed out that just minutes after these transactions, EUL’s price went up by 70% from $2.3 to $3.95. He speculated that the hacker might be mocking the Euler team so others can profit if the funds are returned.

The language used by the exploiter indicates that more than one person is involved in the loot.

In an earlier tweet, blockchain analytics firm Chainalysis said that the wallet address to which 100 ETH was transferred was linked to North Korea. According to Chainalysis, this could be an intentional attempt to mislead investigators.