Ethereum-based noncustodial lending protocol Euler finance is attempting to chop a cope with the exploiter that stole hundreds of thousands from its protocol, demanding the hacker returns 90% of the funds they stole inside 24 hours or face authorized penalties.
The platform was exploited for $196 million on March 13 and Euler Labs despatched its ultimatum to the flash mortgage attacker by transferring them 0 Ether (ETH) with an connected message on March 14:
“Following up on our message from yesterday. If 90% of the funds are not returned within 24 hours, tomorrow we will launch a $1M reward for information that leads to your arrest and the return of all funds.”
euler simply despatched an on-chain message to the hacker pic.twitter.com/0wKIW51NjM
— 0xngmi (llamazip arc) (@0xngmi) March 14, 2023
The menace of regulation enforcement comes as Euler sent the hacker a way more civil message the day earlier than.
“We understand you are responsible for this morning’s attack on the Euler platform,” it learn. “We are writing to see whether you would be open to speaking with us about any potential next steps.”
The request for a 90% fund return would see the hacker ship again $176.4 million whereas holding onto the remaining $19.6 million.
However, many observers have famous that the hacker has little or no to no incentive to observe via with the deal.
Look over your shoulder for the remainder of your life, or take a $20m deal. No brainer.
Although, they might simply be state actors and aren’t actually frightened about low ranges feds. https://t.co/i5zUSDqFca
— drnick ️² (@DrNickA) March 15, 2023
“If I was the hacker I’d simply say “to anyone who manages to track me down, I will give you $2 million not to tell Euler,” one observer said.
“Yeh he has 200 Million they have 2 Million. He wins in a bidding war”, one other Twitter consumer wrote in response.
Euler Labs mentioned they’re already working with regulation enforcement within the United States and the United Kingdom together with partaking blockchain intelligence platforms Chainalysis, TRM Labs and the broader Ethereum group to assist monitor down the hacker.
An replace on our work at present to get better funds for Euler protocol customers.
Here are a couple of actions we took instantly:
1. Stopped the direct assault as quickly as potential by serving to disable the EToken module, which blocked deposits and the weak donation perform
2. Engaged TRM… https://t.co/6ZClE9uGoH
— Euler Labs (@eulerfinance) March 14, 2023
Related: DeFi protocol Platypus suffers $8.5M flash mortgage assault, suspect recognized
The lending platform added it was in a position to promptly cease the flash mortgage assault by blocking deposits and the “vulnerable” donation perform.
As for the exploited code, the workforce defined the vulnerability “was not discovered” in its sensible contract audit, which existed on-chain for eight months till it was exploited on March 13.
Euler Labs works with varied safety teams to carry out audits of the Euler Finance protocol.
While the weak code was reviewed and permitted throughout an out of doors audit, the vulnerability was not found as a part of the audit.
The vulnerability remained on-chain for eight… https://t.co/M3PYSOwHhL
— Euler Labs (@eulerfinance) March 14, 2023
