After 197 million US dollars were stolen from the lending platform Euler last week, the hackers seem to want to negotiate a deal. “We want to make it easy for everyone involved. We have no intention of keeping what doesn’t belong to us,” the hackers said in one Message embedded in an Ethereum transaction. The platform previously issued an ultimatum and a $1 million bounty on its head. Euler responded to the offer of talks in a separate Ethereum transaction a. An agreement could be reached in the coming days.
Flash loan attack collapses Euler
The attack on the Euler lending platform stole a total of $197 million in cryptocurrencies – the most serious DeFi hack so far this year. The “Flash Loan Attack”, known as the Flash Loan Attack, exploited liquidity issues in the smart contract. Incorrect conversion of borrowed to collateralized crypto assets occurred. By chaining transactions, the attacker was able to deduct a multiple of the amount deposited.
In exchange for the stolen tokens, Euler initially offered the hacker ten percent of the loot as earnest money. The hacker didn’t respond, and Euler offered a $1 million reward for information. To cover the tracks, parts of the stolen funds were then transferred via the crypto mixer Tornado Cash.
Connections to North Korea?
On-chain data now shows that 100 ethers from the Euler hack were sent to an address that previously received funds from the Ronin Bridge attack. Over $600 million was stolen in the attack on the Ethereum sidechain in March last year. Blockchain evaluations revealed that the attack was orchestrated by North Korea’s hacking collective Lazarus.
“This could also mean that the Euler Finance hack was also performed by the Lazarus Group”, says the blockchain security company Chainalysis. Whether there is a connection to North Korea, however, cannot be said with certainty at the moment. There is also the possibility “that this money movement is an attempt to mislead another hacker group.”