An attacker who hacked the Euler Finance DeFi protocol passed 1800 ETH (~2.49 million at the time of writing) through the Tornado Cash cryptomixer. This is evidenced by BlockSec discovered by analysts. on-chain activity.
On March 13, a hacker exploited the platform’s instant loan mechanism by posting unsecured collateral. As a result of an error in the smart contract, he managed to liquidate the debt and withdraw the cryptocurrency for $196 million.
The Euler team later disabled the vulnerable EToken protocol and notified US and UK law enforcement of the hack. The project has also reached out to analytics firms Chainalysis and TRM Labs to help with the investigation.
The platform offered the hacker to return 90% of the stolen funds. Otherwise, Euler has promised to offer a $1 million reward for any information leading to the attacker’s arrest.
After transferring part of the funds to Tornado Cash, some users on social networks suggested that “the chances of a refund are 0.00000000000000001%.”
exploit address -> phishing scam address -> tornado cash
Chances of recovery now sitting at 0.0000000000000001% https://t.co/xzJQ9lmInL
— Milkyway (@milkyway16eth) March 16, 2023
However, BlockSec Security Director Matthew Jiang thinksthat the transaction associated with Tornado Cash will not determine the fate of the stolen cryptocurrency.
“The amount of funds laundered so far is not directly related to whether the attacker will return 90% of the assets requested by Euler. The hacker will send them back if he wants, but he can change his mind, ”he said.
After the incident, an unknown user asked the hacker to return “vital savings” in the amount of 78 ETH. Ultimately, the attacker sent 100 ETH to his victim.
Recall that in early March, the address associated with the Uranium Finance hack moved 2250 ETH to Tornado Cash after 647 days of inactivity.
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!