Euler Finance received 3,000 ETH worth $5.4m back from the Euler Financial exploiter, indicating a possible agreement between the platform and the hacker.
On March 18, the Euler Finance exploiter sent around 3,000 ETH ($5.4m) to the deployer address of the site. PeckShield, a blockchain investigator, found three transactions that were used to transmit money.
On March 13, Euler Financial was the target of a flash loan assault in which the hacker made off with $197 million. Four transactions totaling $136 million staked ether (stETH), $34 million USDC, $19 million wrapped bitcoin (WBTC), and $8.7 million DAI were used to steal the money.
By using a flash loan to influence the protocol’s internal marketplaces, the attacker depleted their financial resources.Eventually, the hacker sent $1.80 million worth of stolen funds—or 1,100 ETH—to the cryptocurrency mixer Tornado Cash.
On March 14, the protocol offered the exploiter a 10% prize in exchange for returning 90% of the stolen money. However, it issued a warning that it would provide a $1 million reward for information that would result in their capture and the recovery of all monies if the funds were not returned within 24 hours.
Attacker transfers money to Lazarus Group, According to Lookonchain, the hacker delivered 100 ETH ($170,500) on March 17 to a wallet linked to the Lazarus Group’s Ronin, a North Korean hacking squad. It is unknown if Lazarus Group is a complicit party or affiliated with the Euler Financial abuser.
Lazarus Group was added to the list of entities with special designation by the U.S. Treasury Department in April 2022.Unknown is if the attacker intends to return the remaining money.
