Euler Finance exploiter returns another $37.1M worth of ETH and DAI


The architect of the March 13 Euler Finance exploit returned an extra $26.5 million value of Ether (ETH) to the Euler Finance deployer account on March 27, on-chain knowledge reveals.

At 6:21 pm UTC, an deal with related to the attacker sent 7,738.05 ETH (value roughly $13.2 million on the time it was confirmed) to the Euler deployer account. In the identical block, one other deal with related to the attacker sent an an identical quantity to the identical deployer account, for a complete of 15,476.1 ETH (round $26.4 million) returned to the Euler crew.

Then, at 6:40 pm UTC, the primary pockets sent one other transaction to the deployer account for $10.7 million value of the Dai (DAI) stablecoin. This brings the overall of all three transactions to roughly $37.1 million.

Each of those addresses have obtained funds from the account that Etherscan labels “Euler Finance Exploiter 2,” which appears to indicate that they’re below the management of the attacker.

These transactions follow a previous return of 58,000 ETH (value over $101 million on the time) on March 25. In whole, the attacker seems to have returned over $138 million value of crypto belongings for the reason that exploit.

Ethereum-based crypto lending protocol Euler Finance was exploited on March 13, and over $195 million value of ETH and tokens had been drained from its good contracts. A number of protocols throughout the Ethereum ecosystem relied on Euler in a technique or one other, and at the very least 11 protocols have introduced that they suffered indirect losses from the assault.

In accordance with an evaluation by Slowmist, the exploit occurred due to a defective operate that allowed the attacker to donate their lent Dai to a reserve fund. By making this donation, the attacker was capable of push their very own account into insolvency. A separate account was then used to liquidate the primary account at a steep low cost, permitting the attacker to revenue from this low cost.

After draining Dai by means of this primary assault, the attacker then repeated it for a number of tokens, eradicating over $196 million from the protocol.

Funds stolen from Euler Finance. Supply: BlockSec