Posted on March 14, 2023 at 4:35 PM

Hackers drain around $200 million from DeFi lending firm Euler Finance

The number of hacking attacks in the decentralized finance (DeFi) sector has been significantly high in recent days. Euler Finance has become the latest victim of these attacks, with around $200 million being drained from the protocol. The blockchain security firm, PeckShield, initially reported this exploit.

Euler Finance suffers a $200M exploit

A tweet by PeckShield raised attention to an exploit on the Euler Finance crypto lending platform. PeckShield’s tweet urged the platform to look at several transactions that indicated that a hacker had gained unauthorized access to its network.

1/ @eulerfinance was exploited in a flurry of txs on Ethereum (one hack tx: https://t.co/L7ddZhHNq5), leading to the lost of ~$197m from the project.

— PeckShield Inc. (@peckshield) March 13, 2023

The blockchain security firm noted that a hacker appeared to have exploited Euler Finance through a series of transactions that resulted in the theft of around $197 million worth of cryptocurrencies. Another blockchain security firm, BlockSec, also confirmed the attack.

This exploit adds to the long list of DeFi protocols targeted by hackers looking for vulnerabilities in these platforms that are quickly gaining popularity. Despite the huge amount stolen from Euler Finance, the exploit is the 26^th largest hacking theft in the crypto industry.

The team at Euler Finance also acknowledged the breach saying that it had engaged security companies and law enforcement authorities to monitor the breach. The company’s website indicates that it maintains top-notch security by engaging the services of leading blockchain security companies, but this did not seem to stop the hacking attacks.

“We are aware and our team is currently working with security professionals and law enforcement. We will release further information as soon as we have it,” Euler Finance responded to PeckShield’s tweet.

According to blockchain network sleuth ZachXBT, the loss of funds on Euler Finance was most likely attributed to hackers. ZachXBT is an independent researcher investigating scams and hacks in the cryptocurrency industry. In a Twitter post, he noted that the exploit on Euler Finance was “almost certainly” the work of hackers.

He noted that it appeared that the same threat actor group behind the exploit on Euler Finance had exploited another protocol on the Binance BNB Chin a few weeks back and later laundered the stolen funds through Tornado Cash.

Tornado Cash is a crypto mixing tool used by hackers and individuals wanting to hide their on-chain data. The US government sanctioned the mixing tool, and its developer was arrested for enabling money laundering.

The North Korean Lazarus hacking group has been attributed to increased hacking attacks in the crypto space. The group uses Tornado Cash to hide their on-chain transactions. The group has been attributed to two of the largest hacks in the crypto sector: Harmony Bridge and the Axie Infinity Ronin bridge, where over $600M was stolen. According to a UN report, North Korea used stolen crypto assets to fund its missile program.

Euler Finance users complain of losses from the hack

Hacking exploits in the DeFi sector usually affect users the most as they are left in limbo, wondering how they will access their funds. Euler Finance investors are already airing their grievances because of the contagion caused by the exploit.

In the protocol’s official Telegram channels, users have complained about what lies ahead following the platform’s loss of funds. One user said that they had allegedly lost $1.3 million because of the exploit.

Users are complaining about the failure of the platform to safeguard their assets, yet it promoted itself as one of the most secure lending platforms in the DeFi sector. Another user noted that they had lost more than $100K because of the breach, adding that they had learnt how to respond in such circumstances.

“Nice to at least know how I respond when I lose over $100K in the space of an hour. Learned a little about myself today. Maybe it’s not about the money lads, it’s about what you learn along the way,” One user on Discord said.

IN similar exploits that have happened in the past, the protocols usually demand the hacker returns the money to the protocol in return for a bounty. While this does not usually work at all times, it guarantees that the users of these protocols will be made whole.

The price of Euler Finance’s native token has dropped by 8% in the last 24 hours. At the time of writing, the token was trading at $2.87. the token is currently down by  61% in the last seven days amid selling pressure following the breach.