Flash Loan Attack Drains $180 Million From Euler Finance

The decentralized finance (DeFi) sector recorded massive losses in 2022. While many expected a different story in 2023, bad actors have continued their game of exploiting DeFi. Some days back, Hedera revealed a loss of liquidity pools tokens when a hacker exploited its mainnet smart contract code.

But the latest DeFi attack occurred on Euler Finance, another decentralized finance protocol. According to on-chain sleuths, the attacker may have gotten away with more than $180 million in tokens. 

Euler Finance Loses Millions in Assets 

Certik Alert reported the incident on Twitter, revealing that the bad actors have stolen 41 million DAI and still counting. It went further to warn users to be alert as the exploit was still ongoing at the time of the tweet. 

After a few hours, Certik Alert updated that the hacker had stolen over $195 million from Euler Finance. It revealed that the assets comprise 96,800 ETH and 43.6 million DAI stablecoins, concluding that this was the largest exploit in 2023 so far.

Flash Loan Attack Drains $180M From Euler Finance
EUL price tanks by 50% l Source: Tradingview.com

Lookonchain also posted the attack revealing that the hackers have stolen massive DAI stablecoins and Ethereum tokens. 

Notably, CertiK Alert disclosed that the bad actors transferred 101 ETH tokens to 0xc66 before depositing them to TornadoCash. This crypto mixer masks the movement of assets by mixing them with others before sending them to a final destination. 

Etherescan data shows that the hackers sent the Euler Finance funds to two new wallets. One wallet has 34,186,225 DAIs and 88,752 ETHs, while the other holds more than 88,77,507 DAI tokens. 

On-chain sleuth ZachXBT thinks the bad actors are black hat hackers exploiting protocols on Binance Smart Chain some weeks back. 

Security Firm and Law Enforcement teams Up To Fix Exploit 

In response, the Euler Finance team has assured users of working to stop the exploit. The firm revealed that it had brought law enforcement and security professionals to the matter and will update the community soon. 

Notably, the security firm PeckShield alerted Euler Finance of the incident inviting them to work together and resolve it. Later, the security firm announced it had discovered the exploit’s root cause.

Meanwhile, the decentralized finance sector had recorded an exploit that led to a loss above $8.5 million. The incident occurred last month on Platypus, another decentralized finance protocol behind a stablecoin USP. The incident caused a 50% depeg of USP from USD.

The DeFi protocol announced the incident on Twitter, disclosing how the bad actors exploited a flaw in its USP solvency check. 

The team made several efforts to fight the incident, such as alerting Binance, Circle, and Tether to freeze the hacker’s funds and negotiating a bounty.

Featured image from Pixabay and chart from Tradingview

Source: https://bitcoinist.com/flash-loan-attack-drains-180-million-from-euler-finance/