Cryptocurrencies, blockchain, NFT and new trends

Euler hacker returns $31 million, marking end to ‘recoverable funds’ in DeFi exploit

Crypto Ecosystems • April 4, 2023, 2:45AM EDT

Quick Take

  • The Euler Finance hacker has returned the outstanding $31 million, marking a successful end to recovery efforts.
  • Euler Finance suffered a flash loan-enabled attack on March 13 that resulted in a loss of $197 million worth of crypto assets.

Stay updated on Pro Crypto Ecosystems news by locking ACS tokens with The Block.

Connect/Create Wallet You can unlock at any time.*
No wallet? No problem. You can set one up for free. We recommend Torus for first-time users.
*a 2% locking fee will be added at the time of locking. Learn more about Access Protocol

The individual who hacked and pilfered Euler Finance, a decentralized lending project, has returned the remaining sum of $31 million. This has brought the project’s recovery endeavors to a close.

At approximately 6:55 pm EST on Monday, the attacker sent back $31 million — comprising 10,580 ETH ($19 million) and $12 million in DAI — through three transactions. This brought the total value of the returned funds to over $177 million, which accounts for 90% of the expected recoverable funds from the hack after adjusting for the 10% bounty previously offered by the project, according to the Euler Finance team.

Euler Labs, the developer behind the affected project, confirmed the successful recovery in a recent Twitter post, stating: “Following successful negotiations, all of the recoverable funds taken from the Euler protocol on March 13th have now been successfully returned by the exploiter.”

The return of these funds marks a rare instance of positive resolution in the DeFi space, where large-scale hacks have become increasingly common.

On March 13, Euler Finance was subject to a complex attack that leveraged flash loans, causing a loss of $197 million worth of crypto assets. To retrieve the stolen funds, Euler Finance offered the attacker a 10% bounty worth $19.7 million, with a warning to initiate a $1 million reward for information on the attacker if the remaining 90% of the funds were not returned.

Despite initial doubts when the hacker laundered $1.8 million through the crypto mixer Tornado Cash three days after the attack, the recovery process began on March 18 with the return of $5.4 million to Euler. 

Over the following days, the hacker continued to return funds at variable intervals. They returned the most-significant tranche of $102 million in ETH.

On 28 March, the hacker sent a series of on-chain messages to their address, using the input data to share messages with the public. In these messages, the attacker said they were “sorry” and promised to return the remaining funds as soon as possible.