On March 13, 2023, a flash loan attack on Euler Finance became the largest decentralized finance (DeFi) hack of the year, and it still stands as a testament to the vulnerability of smart contracts. The attacker managed to steal nearly $196 million from the protocol in multiple transactions that included 8.8 million DAI, 849,000 wBTC, 85 million stETH, and 34 million USDC. But a recent update shows that the hacker has returned some of the stolen assets to the protocol.
According to on-chain data, on March 25, the hacker returned 51,000 Ether (ETH) worth around $88 million at the time of writing. In addition, the hacker also transferred 7,737 ETH, which is worth over $13 million at current prices. It’s worth noting that on March 18, the hacker had already sent 3,000 ETH, worth nearly $5.4 million at the time, back to the protocol. These recent returns amount to about 33% of the stolen funds, with the attack’s mastermind still holding the remaining assets.
The hacker responsible for the attack on Euler Finance sent an on-chain message a few days after the heist, calling for an agreement with the protocol. “We want to make this easy on all those affected. No intention of keeping what is not ours. Setting up secure communication. Let us come to an agreement,” the message read. The protocol also tried to negotiate with the attacker, asking them to return 90% of the stolen funds within 24 hours, or else they would face legal repercussions. The hacker did not respond, and shortly after, Euler offered a $1 reward for any information leading to the attacker’s capture.
The hacker still controls the majority of the stolen funds, but the recent returns could signal a willingness to cooperate or the desire to avoid getting caught. Despite the seemingly good intentions, the return of funds does not guarantee that the hacker will avoid legal penalties. Avoiding consequences for such exploits is becoming increasingly difficult as governments worldwide establish regulatory frameworks to prevent DeFi hacks, scams, and other illegal activities.
Interestingly, the hacker did transfer 1,000 nETH, worth about $1.65 million at the time, to a wallet address through the crypto mixer Tornado Cash. The identity of the recipient or the reasoning behind the transfer is unclear, but blockchain analytics firm PeckShield reported that approximately 100 ETH was sent to a wallet address likely owned by one of the victims. An on-chain message sent by the wallet address earlier pleaded for the attacker to return their “life savings.”
The Euler Finance hack is yet another reminder that the safety of DeFi protocols should not be taken for granted. As DeFi continues to grow in size and popularity, it is becoming more attractive to attackers, and it’s likely that such incidents will continue to happen. Consequently, the industry must develop better security measures, including more rigorous code reviews, frequent security audits, and comprehensive penetration testing.
In conclusion, while the recent return of some stolen funds is a positive development, the fact remains that DeFi hacks like the one on Euler Finance undermine investor confidence in the sector. As DeFi continues to flourish, protocols must realize that security should be their top priority, and investors should educate themselves on the potential risks of investing in a largely unregulated DeFi ecosystem.