SEPOY.net
No Result
View All Result
Sunday, June 22, 2025
  • Home
  • News
  • Business
  • Health
  • Tech
  • Lifestyle
  • Economy
  • Crypto
  • Travel
  • Home
  • News
  • Business
  • Health
  • Tech
  • Lifestyle
  • Economy
  • Crypto
  • Travel
No Result
View All Result
SEPOY.NET
No Result
View All Result
Home Crypto

$197 Million Stolen: Euler Finance Flash Loan Attack Explained

Nicholas by Nicholas
March 15, 2023
in Crypto
0
7 Million Stolen: Euler Finance Flash Loan Attack Explained

On March 13, 2023, Euler Financea permissionless borrowing and lending protocol on Ethereum, was the victim of a flash loan attack. Euler Finance isn’t the first DeFi hack victim this year — dForce and Platypus were similarly targeted in February — but it is unfortunately the largest. At a whopping near-$200 million loss, hackers stole funds in USDC, wrapped Bitcoin (wBTC), staked Ether (stETH), and DAI, an algorithmic stablecoin maintained by MakerDAO. A hack of this magnitude illustrates both the ongoing threats to widely used DeFi protocols and the potential hacking abuses opened up by flash loans.

READ ALSO

Bequeath his cryptos after his death – Changpeng Zhao's proposal

The ETHEREUM ETHEREUM DE BLACKROCK is on the rise: $ 750 million in ETH purchases and no sale in June

In this blog, we’ll explore how flash loans work, how hackers stole funds from Euler Finance, and how the effects of flash loan attacks may be mitigated in the future.

What is a flash loan?

Before analyzing the details of the Euler hack, it is important to understand how flash loans typically work. Flash loans are executed by smart contracts and enable participants to quickly borrow funds without the need for collateral. However, these loans must be repaid in full within the same transaction, or else the entire transaction, including the loan itself, will be reversed. Flash loans are attractive for DeFi traders looking to maximize arbitrage opportunities. They are also commonly used for swapping collateral and self-liquidation.

Although there are several legitimate uses of flash loans, hackers can also use them to manipulate DeFi protocols’ pricing oracles. They do this by taking advantage of the lack of collateralization to borrow huge amounts of funds, which they can then use to manipulate token prices, typically by buying or short selling high volumes of tokens with thin supply levels.

How the Euler Finance flash loan attack occurred

When users borrow and lend using the Euler Finance platform, they primarily transact with two types of tokens: eTokens (which represent collateral) and dTokens (which represent debt). Euler issues eTokens based on the types of funds deposited by users; dTokens automatically trigger on-chain liquidation when the platform holds more dTokens than eTokens.

The hack was made possible by a liquidity issue in the DonateToReserve function of the eToken. This function was properly burning eTokens, but not dTokens, leading to an incorrect conversion of borrowed assets to collateralized assets. Euler’s hacker took advantage of these inconsistencies to create a false impression that the platform had a low amount of deposited eTokens and fake debt due to the fact that the dTokens were not burned.

We currently have reason to believe that there were two primary on-chain entities involved in the hack: a front-running MEV bot (using the wallet 0x5F259D0b76665c337c6104145894F4D1D2758B8c) and the hacker’s primary personal wallet (using the wallet 0xb66cd966670d962C227B3EABA30a872DbFb995db). The hacker hardcoded their lending contract so that the personal wallet received most of the funds, regardless of which entity executed which transactions.

The hacker received initial funding from the sanctioned mixer Tornado Cash for gas fees and to create the contracts used in the exploit, then initiate a flash loan to borrow around $30 million in DAI from the DeFi protocol Aave. After this, the hacker deposited $20 million of that DAI into Euler’s platform, receiving a similar amount in eDAI tokens. By leveraging Euler’s borrowing capabilities, the hacker was able to borrow 10 times the original deposited amount. The hacker then used the remaining $10 million in DAI from the original loan to repay part of the acquired debt (dDAI) and reused the mint function to borrow again until the flash loan was closed. After the hack was complete, the hacker moved some of the funds back to Tornado Cash. Investigators would need to employ advanced investigative techniques like those Chainalysis offers to pursue the funds further.

We can see some of these steps in the Chainalysis Storyline graph below:

Open in new tab to enlarge

Overall, Euler lost roughly $197 million worth of cryptocurrency, spread across DAI, wBTC, stETH, and USDC. Additionally, Euler’s native token, EUL, declined more than 45%.

Reducing hacking risks

Although it can be difficult to identify DeFi platform vulnerabilities, there may be several methods to mitigate risk of flash loan attacks to protect cryptocurrency participants from similar catastrophic events. For instance, circuit breakers could be used to temporarily halt protocols when there are unusually large price movements or outflows so that hacks can be stopped early. We will continue to monitor the Euler hack situation and provide updates as possible.

This material is for informational purposes only, and is not intended to provide legal, tax, financial, or investment advice. Recipients should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with Recipient’s use of this material.

Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in this report and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material.


Related Posts

Bequeath his cryptos after his death – Changpeng Zhao's proposal
Crypto

Bequeath his cryptos after his death – Changpeng Zhao's proposal

June 21, 2025
The ETHEREUM ETHEREUM DE BLACKROCK is on the rise: $ 750 million in ETH purchases and no sale in June
Crypto

The ETHEREUM ETHEREUM DE BLACKROCK is on the rise: $ 750 million in ETH purchases and no sale in June

June 21, 2025
Have the owners of Tiktok bought $ 300 million in the same Trump?
Crypto

Have the owners of Tiktok bought $ 300 million in the same Trump?

June 20, 2025
Is the Bitcoin network abandoned in favor of centralized exchanges?
Crypto

Is the Bitcoin network abandoned in favor of centralized exchanges?

June 20, 2025
New abduction linked to cryptos: a 23 -year -old man targeted for 5,000 euros and a Wallet LEGDER hardware
Crypto

New abduction linked to cryptos: a 23 -year -old man targeted for 5,000 euros and a Wallet LEGDER hardware

June 20, 2025
France: Goin becomes the 2nd Crypto company to obtain a mica approval issued by the AMF
Crypto

France: Goin becomes the 2nd Crypto company to obtain a mica approval issued by the AMF

June 20, 2025
Next Post
Why Are Animated Marketing Videos Important?

Why Are Animated Marketing Videos Important?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

About

Sepoy.net is a perfect place for people who want daily updates on news related to business, technology, entertainment, health, cryptocurrency etc.

Contact: hello@sepoy.net

Major Categories

News

Business

Tech

Economy

 

Recent Posts

  • Unsere besten Online Casinos 2025 iGaming com Land der dichter und denker
  • Beste Echtgeld Casinos Deutschland: Traktandum Verbunden Versorger 2025 inoffizieller mitarbeiter Test
  • Angeschlossen Spielsaal Provision diese Seite anklicken 2025 Auftreiben Sie Casino-Bonusangebote

Pages

  • About Us
  • Contact Us
  • Disclaimer
  • DMCA
  • Home
  • Privacy Policy

© 2023 Sepoy.net

No Result
View All Result
  • Home
  • Business
  • News
  • Health
  • Tech
  • Science
  • Lifestyle
  • Travel

© 2023 Sepoy.net