Euler Finance hacker starts returning stolen Ether back to the Foundation
Chances that the hacker will return the entire loot of $197 million remain slim as no more outbound transactions — other than the 3,000 ETH — were recorded at the time of writing.
The recent attack that drained $197 million off Euler Finance was dubbed the biggest decentralized finance (DeFi) hack in 2023 so far. However, this may not hold true for much longer as the hacker reportedly had a change of heart.
On March 18, roughly 3,000 Ether (ETH) — worth $5.4 million — were returned to Euler Finance’s deployer address from the Euler Finance hacker’s address. Blockchain investigator Peckshield identified three transactions that were used to send the funds.
— PeckShield Inc. (@peckshield) March 18, 2023
Cointelegraph confirmed that 1,000 ETH per transaction was transferred to Euler’s deployer account. However, chances that the hacker will return the entire loot of $197 million remain slim as no more outbound transactions were recorded at the time of writing.
On March 16, Euler Finance announced a $1 million reward in hopes to track down the hacker and retrieve the funds.
Today the Euler Foundation is launching a $1M reward in the hope that this provides additional incentive for information that leads to the Euler protocol attacker’s arrest and the return of all funds extracted by the attacker.
— Euler Labs (@eulerfinance) March 15, 2023
The exploiter was able to drain $197 million through multiple transactions and later used a multichain bridge to transfer the funds from the BNB Smart Chain to Ethereum.
Related: Euler Finance hacked despite 10 audits in 2 years, says CEO
Soon after a $1 million bounty was announced against the attacker, the stolen funds were seen being moved into crypto mixer Tornado Cash.
#PeckShieldAlert @eulerfinance exploiter on the move
~1,000 $ETH into Tornado Cash through intermediary address 0xc66d…c9ahttps://t.co/LAkY66YpoF pic.twitter.com/0XhQV1nbgn
— PeckShieldAlert (@PeckShieldAlert) March 16, 2023
Euler Finance demanded that the hacker return 90% of the funds within 24 hours to avoid possible jail time.