Crypto Company Loses $200m To Hackers

Uploaded on 2023-03-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The British crypto lending protocol firm Euler Finance has suffered a loss of almost $200m on March 13, following a flash-loan attack. The firm provides a DeFi protocol on Ethereum that it claims allows users to lend and borrow almost any crypto asset. 

DeFi protocols are codes, procedures and rules which govern the systems used in DeFi and enable crypto investors  trade, lend, stake tokens, amongst other actions. 

Flash-loan attacks involve taking out large, short-term uncollateralised crypto loans from a DeFi service and using the large sums involved to manipulate the market and other DeFI services. 

The crypto assets taken in the hack include the stablecoins USDC ($34.1M) and Dai ($8.8M), as well as Wrapped Bitcoin ($18.9M) and Staked Ether ($137.1M). The price of Euler’s crypto token fell dramatically following the news of the attack.

Funds used to perpetrate the attack originated from a Monero wallet. Monero is an example of a type of crypto-currency known as a "privacy coin", which unlike bitcoin does not have a clear public ledger of transactions. Euler have communicated with the attacker, by sending on-chain messages to the Ethereum account holding the stolen assets saying that if 90% of the funds are not returned within 24 hours they will launch a $1million reward for information leading to an arrest and the funds return.

A subsequent analysis of this attack revealed that a flaw in one of Euler Finance's smart contracts was exploited to steal the assets and the proceeds of the attack are already being laundered through Tornado Cash, a decentralised mixer that has been sanctioned by the US government.

Euler said it stopped the attack “as soon as possible” by disabling the EToken module, which “blocked deposits and the vulnerable donation function”. Euler also said it had shared details with US and British  law enforcement.

Euler Finance:   Elliptic:    CoinDesk:    Defiant.io:   Infosecurity Magazine:   Silicon Republic    Techcrunch:   

Yahoo:  

You Might Also Read:

Standing On The Cryptocurrency Frontier:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« TikTok Is Banned From British Government Phones
Turning The Tables On Tomorrow's Threat Agent  »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

EC-Council

EC-Council

EC-Council is a member-based organization that certifies individuals in various e-business and information security skills.

Patchstack

Patchstack

Patchstack (formerly WebARX) is a web application security platform, which allows digital agencies and developers to monitor, protect and maintain their websites.

IDpendant

IDpendant

IDpendant offers a wide range of services, including authentication technology, client security products, single sign on systems, encryption solutions, card and mobile device management systems.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Black Hills Information Security (BHIS)

Black Hills Information Security (BHIS)

Black Hills Information Security provide security testing and vulnerability assessment services.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

Global Market Innovators (GMI)

Global Market Innovators (GMI)

Global Market Innovators (GMI) delivers secure technology solutions to organizations in need.

Buchanan Technologies

Buchanan Technologies

Buchanan Technologies is a leading IT consulting and outsourcing services firm. Our methodology transforms everyday technology investments into streamlined, secure and scalable solutions.

TuxCare

TuxCare

TuxCare make Linux more secure. We take care of Linux so that organizations can use Linux to support environments that require high levels of Cybersecurity, stability, and availability.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

Digital Security Authority (DSA)

Digital Security Authority (DSA)

The establishment of the Digital Security Authority, which incorporates the National CSIRT, is crucial to significantly raising the cybersecurity posture and capabilities of Cyprus.

Synersoft BLACKbox

Synersoft BLACKbox

Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE - IIM-Ahmedabad.

NopalCyber

NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant.

Lithuanian Cyber Command (LTCYBERCOM)

Lithuanian Cyber Command (LTCYBERCOM)

The Lithuanian Cyber Command is responsible for planning and execution of operations in cyberspace and installation of strategic and operational communications and information systems.

Tulpa AI

Tulpa AI

Tulpa develops safe AI assistants (co-pilots) to support and enhance human performance in high-stakes, mission-critical decision-making environments.