Euler Finance’s DeFi protocol cracker wallet sent 100 ETH to the Lazarus Group address associated with the Ronin attack in March 2022. This was reported by Lookonchain experts.
Euler Finance Exploiter transferred 100 $ETH to Ronin Bridge Exploiter(stole 173,600 $ETH and 25.5M $USDC).
Ronin Bridge Exploiter was listed by #OFAC as Lazarus Group – the North Korean state hacking group.
Are the two hackers the same person or was it intentional? pic.twitter.com/aPzOkSlXb6
— lookonchain (@lookonchain) March 17, 2023
In April 2022, the US Treasury Department’s Office of Foreign Assets Control placed a hacker group believed to be behind the North Korean government on a sanctions list. Chainalysis analysts confirmed that the address flagged by the authorities was involved in the Ronin hack. The incident with damage of about $625 million was the largest for the DeFi segment.
In June, there was an attack on the Horizon cross-chain bridge of the Harmony protocol in the amount of $100 million. FBI blamed North Korean groups Lazarus and APT38 for the hack. Experts from the analytical company Elliptic came to the same conclusion earlier.
In March 2023, an attacker illegally withdrew assets worth more than $196 million from the Euler Finance DeFi platform.
Lookonchain experts noted that a transaction between protocol cracker wallets and Lazarus does not necessarily mean they are identical. The hacker could have made the transfer deliberately in order to confuse the traces.
After the incident, the Euler Finance team blocked the vulnerable EToken module, turned to law enforcement agencies and to Chainalysis and TRM Labs for help in the investigation. The project required the hacker to return 90% of the stolen funds. The company warned that it would otherwise set a $1 million reward for any information leading to his arrest.
A few hours after the offer was made, the hacker sent ~$2.5 million worth of cryptocurrency to the Tornado Cash mixer. However, he responded to the request of one of the users to return the lost 78 ETH. The latter called the funds “vital savings”. In response, he received 100 ETH.
The CEO behind the Euler Labs project, Michael Bentley, called the days after the protocol exploit “the hardest” of his life. He stated that he would “never forgive” a hacker for “depriving him of time for his newborn son.”
The time immediately after an attack is crucial and I’ve done I can support the recovery process. I’ve had to sacrifice time with my newborn son. I’ll never forgive the attacker for that, but they can put things right and return funds to the EulerDAO Treasury ASAP.
— Michael Bentley (@euler_mab) March 16, 2023
Bentley corroborated a user’s comment that the protocol’s code went through ten audits in two years of operation. Halborn, Solidified, ZK Labs, Certora, Sherlock, and Omnisica found no issues during their review.
“Euler has always been a safety-oriented project,” the head of the company assured.
He recalled a reward of $ 1 million for information about the attacker.
Today the Euler Foundation is launching a $1M reward in the hope that this provides additional incentive for information that leads to the Euler protocol attacker’s arrest and the return of all funds extracted by the attacker.
— Euler Labs (@eulerfinance) March 15, 2023
Recall that only in 2023, the Binance and Huobi exchanges froze and returned access to $2.58 million in bitcoin associated with the Harmony hack. Norwegian authorities confiscated $5.9 million stolen from Ronin.
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!