Euler Finance Threat Actor Returns Part of The Loot

In a surprising turn of events, the individual behind the March 13 Euler Finance exploit has returned an additional $26.5 million worth of Ether (ETH) to the Euler Finance deployer account on March 27, as evidenced by on-chain data. This comes after the attacker returned 58,000 ETH (valued at over $101 million at the time) on March 25. In total, the attacker has now returned over $138 million worth of crypto assets since the exploit.

Euler Finance, an Ethereum-based crypto lending protocol, suffered a devastating attack on March 13 that drained over $195 million worth of ETH and tokens from its smart contracts. The exploit impacted several protocols within the Ethereum ecosystem that relied on Euler, with at least 11 of them reporting indirect losses from the attack.

A recent analysis by Slowmist, a leading security firm, points to a faulty function as the cause of the exploit. The function allowed the attacker to donate their lent Dai (DAI) to a reserve fund, pushing their own account into insolvency. The attacker then utilized a separate account to liquidate the first account at a steep discount, profiting from the difference.

Following the return of the ETH on March 27, the attacker also sent $10.7 million worth of DAI to the Euler deployer account. This brings the total value of the returned assets to approximately $37.1 million. On-chain data suggests that the addresses involved in these transactions are under the control of the attacker, as they received funds from an account labeled "Euler Finance Exploiter 2" on Etherscan.

The unexpected return of the stolen funds raises questions about the attacker's motives and whether this might be an attempt to mitigate potential legal consequences. While the Euler Finance community may welcome the recovery of a significant portion of the stolen assets, the incident highlights the importance of stringent security measures and thorough audits in the ever-evolving world of decentralized finance (DeFi).

As the investigation into the Euler Finance exploit continues, it remains crucial for the DeFi community and policymakers to work together to develop best practices, standards, and regulations to prevent similar incidents in the future. The timely return of these funds, though unusual, serves as a critical reminder of the potential vulnerabilities that exist within the DeFi ecosystem and the need for constant vigilance.