The Ethereum-based non-custodial lending protocol Euler Finance is attempting to reach an agreement with the exploiter who stole millions from its protocol, demanding the hacker return 90% of the funds he stole within 24 hours or face legal consequences.
Euler Labs sent its ultimatum to the flash loan attacker who exploited the platform for $196 million transferring to the hacker 0 Ether (ETH) with an accompanying message on March 14:
“Continuing with our message from yesterday. If 90% of the funds are not returned within 24 hours, we will launch a $1 million reward tomorrow for information leading to his arrest and the return of all funds.”
Euler just sent an on-chain message to the hacker pic.twitter.com/0wKIW51NjM
— 0xngmi (flamazip arc) (@0xngmi) March 14, 2023
euler just sent an on-chain message to the hacker
The threat from the security forces comes after Euler send to the hacker a much more civilized message the day before.
“We understand that you are responsible for this morning’s attack on Euler’s platform,” it read. “We are writing to see if you would be open to talking to us about possible next steps.”
The request to return 90% of the funds would mean that the hacker would return USD 176.4 million and would keep the remaining 19.6 million.
However, many observers have pointed out that the hacker has little or no incentive to go through with the deal.
Look over your shoulder for the rest of your life, or take a $20m deal. No brainer.
Although, they could easily be state actors and aren’t really worried about low levels feds. https://t.co/i5zUSDqFca
— drnick ️² (@DrNickA) March 15, 2023
Look over your shoulder for the rest of your life or take a $20 million deal. No problem. Although, they could just as easily be state actors and aren’t really concerned with low level feds.
“If I were the hacker I would just say ‘I’ll give anyone who can track me down $2 million so they don’t tell Euler'” said an observer.
“Yeah, he has 200 million and they have 2 million. He wins in a bidding war,” wrote another twitter user in response.
Euler Labs said it was already working with law enforcement in the United States and the United Kingdom, along with the involvement of blockchain intelligence platforms. Chainalysis, TRM Labs and the Ethereum community in general, to help track down the hacker.
An update on our work today to recover funds for Euler protocol users.
Here are a few actions we took immediately:
1. Stopped the direct attack as soon as possible by helping disable the EToken module, which blocked deposits and the vulnerable donation function
2. Engaged TRM… https://t.co/6ZClE9uGoH
—Euler Labs (@eulerfinance) March 14, 2023
An update on our work today to recover funds from users of the Euler protocol. These are some of the measures we have taken immediately:
1. We stopped the direct attack as soon as possible by helping to disable the EToken module, which was blocking deposits and the vulnerable donation feature
2. 2. We involve TRM…
The lending platform added that it was able to quickly stop the flash loan attack by blocking deposits and the “vulnerable” donation feature.
Regarding the exploited code, The team explained that the vulnerability was “not discovered” in the audit of its smart contract, which had existed on-chain for eight months until it was exploited on March 13.
Euler Labs works with various security groups to perform audits of the Euler Finance protocol.
While the vulnerable code was reviewed and approved during an outside audit, the vulnerability was not discovered as part of the audit.
The vulnerability remained on-chain for eight… https://t.co/M3PYSOwHhL
—Euler Labs (@eulerfinance) March 14, 2023
Euler Labs works with various security groups to perform audits of the Euler Finance protocol. Although the vulnerable code was reviewed and approved during an external audit, the vulnerability was not discovered as part of the audit. The vulnerability remained on the chain for eight…
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.
