$177 million in stolen funds from Euler Finance, a decentralized lending project, has been successfully recovered by the project’s recovery team. The hacker responsible for the theft returned the remaining sum of $31 million, consisting of 10,580 ETH and $12 million in DAI, through three transactions on Monday evening. This marked the end of the recovery process that began on March 18th when the hacker returned $5.4 million to Euler Finance.
The hacker used flash loans to execute a complex attack on Euler Finance on March 13, resulting in a loss of $197 million in cryptocurrency assets. To retrieve the stolen funds, Euler Finance offered the hacker a 10% bounty worth $19.7 million, with a warning to initiate a $1 million reward for information on the attacker if the remaining 90% of the funds were not returned.
Several decentralised finance (DeFi) platforms offer flash loans, a type of uncollateralized loan that enables users to borrow money without having to provide any security. The loan is granted and paid back all at once, frequently in a matter of seconds. Flash loans are feasible because of the distinctive architecture of DeFi platforms, which let users carry out complex financial transactions using smart contracts on a blockchain. Flash loans enable for massive sums of money to be borrowed and controlled in a single transaction, but hackers have also utilised them to carry out large scale attacks against various DeFi platforms.
The recovery process began with initial doubts when the hacker laundered $1.8 million through the crypto mixer Tornado Cash three days after the attack. However, the hacker continued to return funds at variable intervals, with the most significant tranche being $102 million in ETH. On March 28, the hacker sent a series of on-chain messages to their address, using the input data to share messages with the public, apologizing and promising to return the remaining funds as soon as possible.
Euler Finance had attempted to negotiate with the attacker, but it seemed that they had little incentive to follow through with the deal, as they would be holding onto $19.6 million even if the hacker returned 90% (the Defi platform requested the hacker to return at-least 90% of the stolen funds) of the funds. The company had also threatened to launch a $1 million bounty for information that leads to the hackers’ arrest if the funds were not returned.
The successful recovery of the stolen funds marks a rare positive resolution in the DeFi space, where large-scale hacks have become increasingly common. Euler Finance’s recovery team confirmed the successful recovery in a recent Twitter post, stating: “Following successful negotiations, all of the recoverable funds taken from the Euler protocol on March 13th have now been successfully returned by the exploiter.”
It is a testament to the project’s resilience and the determination of the recovery team in recovering the funds. The recovery has also demonstrated the importance of transparency and cooperation in the DeFi space, where stakeholders must work together to prevent and mitigate the effects of such attacks.
As the DeFi space continues to grow and evolve, it is essential to maintain the security and integrity of the ecosystem. The successful recovery of stolen funds from Euler Finance sets a precedent for the industry and serves as a reminder that stakeholders must remain vigilant and proactive in preventing and responding to cyber threats.