Euler Hacker Ignores Ultimatum and Sends Stolen Funds to Tornado Cash

On March 13th, the crypto industry was shocked to learn that the lending protocol Euler Finance had lost $196 million worth of crypto to hackers. So far, it is the biggest crypto theft in 2023.

Soon after, Euler Finance issued an ultimatum to the hacker. The company instructed that the malicious actor return funds and keep $20 million or face legal consequences. When that failed, the protocol issued a $1 million bounty for information on his identity.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is Aurora in Crypto? NEAR Protocol Token Explained (ANIMATED)

SUBSCRIBE

ON YOUTUBE

The hacker appeared unfazed and began cleaning the stolen crypto via a mixer. PeckShield, a blockchain analytics firm, revealed that the hacker had moved 1,000 ETH, valued at around $1.65 million, to the crypto mixer sanctioned by US authorities dubbed Tornado Cash.

Since the attack, the price of Euler Finance’s native token, EUL, has been nose-diving. It fell over 52% immediately after the attack was revealed. Since then, it has continued to fall and currently retails for $1.78.

According to a report by Chainalysis, Euler Finance lost $196 million worth of USDC, wrapped Bitcoin, DAI, and staked Ether. It is believed that the hacker exploited a vulnerability in the platform's smart contracts. 

Interestingly, the hacker returned some of the stolen funds to a victim, who claimed they lost all their “life savings.” Soon after, other victims sent on-chain messages to the hacker, attempting to get back their funds.

The attack has revealed that DeFi protocols still face huge security challenges. Euler Fiance had been audited by six Web3 security firms, all of whom failed to notice the vulnerability.