Euler Finance hacker sends message to an Ethereum address belonging to the DeFi platform

TL;DR Breakdown

  • Euler Finance hacker sent a message to an Ethereum (ETH) address associated with the DeFi platform.
  • The price of EUL surged after hacker’s transactions.

On March 20, Euler Finance hacker sent a message to an Ethereum (ETH) address associated with the DeFi platform. In response, Euler issued an on-chain ultimatum demanding the return of the funds. The hacker then offered to start a dialogue to resolve the situation.

After several hours, an on-chain response was issued by Euler, acknowledging the message and requesting the exploiter to communicate “in private.”

On March 13, Cryptopolitan reported that a flash loan exploit drained approximately $196.9 million in various cryptocurrencies from the DeFi platform Euler. Also, Euler Finance saw a substantial attack on their platform take place, resulting in the theft of $8.7 million worth of DAI stablecoin, $18.5 million of Wrapped Bitcoin (WBTC), and large amounts of Staked Ethereum (stETH) and USD Coin (USDC) totaling over $135.8 million and $33.8 million respectively.

In response, the platform offered the hacker a 10% reward for the stolen sum (over $200 million) if they returned all funds within 24 hours. When this failed, Euler Finance announced a $1 million reward for information on the hacker and the return of all stolen funds.

On March 16, the hacker transferred 1,000 ETH (worth $1.74 million at the time of writing) associated with the Euler exploit to the Tornado Cash mixing service in 10 separate transactions. Subsequently, on March 18, 3000 ETH was sent back to Euler Finance from the same wallet address. Additionally, funds were also directed to a possible victim of the exploit.

Johannes, a crypto Twitter user, noted that EUL’s price increased by 70% only minutes after the transactions occurred, from $2.3 to $3.95. Johannes speculated that the hacker might have been mocking the Euler team for others to benefit should the funds be returned. Additionally, the language used by the exploiter indicates that multiple persons are involved in the loot. Previously, blockchain analytics firm Chainalysis reported that the wallet address to which 100 ETH was transferred had ties to North Korea, leading them to believe it could have been a deliberate attempt to deceive investigators.

Disclaimer. The information provided is not trading advice. holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.


Damilola Lawrence

Damilola is a crypto enthusiast, content writer, and journalist. When he is not writing, he spends most of his time reading and keeping tabs on exciting projects in the blockchain space. He also studies the ramifications of Web3 and blockchain development to have a stake in the future economy.