On March 13th, Euler Finance, a decentralized lending platform, was hacked for a whopping $197 million.
Euler Finance describes itself as “a non-custodial protocol on Ethereum that allows users to lend and borrow almost any crypto asset.”
The hackers were able to walk away with:
The day after the hack happened, Euler Finance issued an ultimatum to the hacker requesting if “90% of the funds are not returned within 24 hours” that Euler Finance will “launch a $1M reward for information that leads to your arrest and the return of all funds”.
The hacker did not respond nor return the requested 90% of the funds, and as a result, Euler Finance finally put forth a $1 Million reward for any information leading to the arrest of the hacker and the return of all the stolen assets.
After a couple of days of silence, the hacker surprisingly responded to Euler Finance via an on-chain message and claimed to have “no intention of keeping” the stolen funds.
The message ended with a call for Euler Finance and the Hacker to come to an agreement to presumably return the stolen funds.
I find the world so interesting now that the hacker and victim can have a conversation on-chain about the hack.
Below is an image of the on-chain message that was sent by the Hackers to Euler Finance:
“We want to make this easy on all those affected. No intention of keeping what is not ours. Setting up secure communication. Let us come to an agreement.”
- The Euler Finance Hacker
A report published by Chainalysis, claims that there are ties between the Euler Finance hack and the $622 Million hack of the Axie Infinity Ronin Bridge.
The report states that “100 ETH stolen in the Euler Finance hack moved to an address that previously received funds stolen in the Axie Infinity Ronin Bridge hack, which was carried out by the North Korean hacking syndicate Lazarus Group”.
The report also went on to claim that it is possible that this transfer of funds was an attempt to misdirect authorities and lay blame on another hacking group.
Also published here.