A day after hinting that they were open for discussion, the Euler Finance hackers returned some of the stolen funds to the protocol. In addition, several on-chain messages were sent, which could testify to a desire to resolve the situation quickly on the side of the attackers.
Euler Finance recovers part of the stolen funds
On Saturday afternoon, the hackers behind the attack on the decentralized finance (DeFi) protocol Euler Finance returned some of the stolen funds. A first transaction of 51,000 ETH took place, then another of 7,737.25 ETH in a second time from another address, bringing it all to around $103.4 million at the time of this writing. :
Figure 1 — First transaction showing return of 51,000 ETH to Euler Finance
Even though he still missing almost half of the fundsit seems that the discussions started at the beginning of the week are starting to bear fruit, after the theft of the 197 million dollars on March 13th.
Furthermore, the attackers also moved approximately 43 million DAI in four different transactions across multiple addresses, one of which was used to return the 7,737.25 ETH discussed earlier. For the moment, these DAIs have not moved since.
👉 To go further — Find our guide on best practices to limit the risk of hacking
The best way to secure your cryptocurrencies 🔒
🔥 The world leader in crypto security
🎧 Listen to this article and all other crypto news on Spotify
Beyond the return of funds, there are transactions on the various addresses involved that carry some interesting messages. While these messages may be difficult to interpret from the outside, they may suggest communication difficulties between Euler Finance teams and their attackers.
In one of these messages, sent identically at least twice on the “Euler Deployer” smart contract, the hackers ask to be contacted quickly on the email address indicated and that they would not be interested in a any bonus:
Figure 2 — Example of one of the messages sent to Euler Finance
It is also possible to deduce that the person or persons behind the hack may have already sought to exchange without success, because the address identified as “Euler Finance Exploiter 2” sent transactions to itself for invite the communicators to deactivate the anti-spam filter to see the answers sent :
Figure 3 — Message sent by Euler Finance Exploiter 2 address to itself
In addition, we can also identify at least one other transaction addressed to Euler Finance, simply containing the message “sheeps4music at mail2tor.com”. Given that Mail2Tor is an anonymous email communication service accessible from the Tor browsersheeps4music could therefore be the pseudo to address communications.
It is curious to observe the insistence with which the hackers seek to trade with Euler Finance. With the information at our disposal, it is impossible for us to draw reliable conclusions on the real reason for these actions, although it could suggest a desire to reach an agreement quickly.
On the protocol side, Euler Labs has not, for the moment, not yet given official information on his Twitter profileabout this return of funds.
👉 Also in the News — Why did Binance’s trading services go down on Friday?
🎁 Cryptoast Research Launch Offer
1st Newsletter Free with the code TOASTNL
Receive a summary of crypto news every Monday by email 👌
What you need to know about affiliate links. This page presents assets, products or services relating to investments. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus by using our links.
Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.
AMF recommendations. There is no guaranteed high return, a product with high return potential involves high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose part of this savings. Do not invest if you are not ready to lose all or part of your capital.
To go further, read our Financial Situation, Media Transparency and Legal Notices pages.