Euler Finance, the Ethereum-based lending protocol, could be one step closer to recovering funds stolen last week in a $196 million worth of flash lending attack.
In an on-chain message to Euler on March 20, Days after sending funds to a red-marked North Korean address, the exploiter said it now wants to “reach a deal” with Euler..
“We want to make it easy for all those affected. We have no intention of keeping what is not ours. Establish secure communication. Let’s reach an agreement,” said the exploiter.

Hours later, Euler responded with his own on-chain message, acknowledging the message and asking the exploiter to speak “in private”, stating:
“Message received. Let’s talk privately on blockscan through the Euler Deployer address and one of your EOAs, via signed email messages at contact@euler.foundation, or any other channel of your choice. Reply with your preference “.

Euler had already tried to reach an agreement with the exploiter after the attack, insisting that it return 90% of the stolen funds within 24 hours or face legal consequences.
There was no response and 24 hours later, Euler posted a $1 million reward for any information that could lead to the arrest of the exploiter and the return of the funds.
Although the identity of the exploiter is unknown, his recent language could suggest that more than one person is involved.
In a March 17 tweet, blockchain analytics firm Chainalysis claimed that the recent transfer of 100 Ether (ETH) to a wallet address associated with North Korea could mean the hack is the work of the “DPRK,” the Democratic People’s Republic of Korea.
However, it could also be an attempt to intentionally mislead investigators, according to the company.
Other transactions made from the exploiter’s wallet address include 3,000 ETH, which was sent back to Euler Finance on March 18, along with funds sent to cryptocurrency mixer Tornado Cash and even to an apparent victim of the exploit.
https://t.co/4OBksAu9od pic.twitter.com/Zb3MIyex2f
— PeckShield Inc. (@peckshield) March 18, 2023
March 20th, another address contacted Euler on-chain, claiming to have found a “robust chain of connections” that could help them figure out who and where the exploiter was.
Cointelegraph reached out to the Euler Foundation for comment but did not immediately receive a response.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.