Crypto Company Loses $200m To Hackers

Uploaded on 2023-03-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The British crypto lending protocol firm Euler Finance has suffered a loss of almost $200m on March 13, following a flash-loan attack. The firm provides a DeFi protocol on Ethereum that it claims allows users to lend and borrow almost any crypto asset. 

DeFi protocols are codes, procedures and rules which govern the systems used in DeFi and enable crypto investors  trade, lend, stake tokens, amongst other actions. 

Flash-loan attacks involve taking out large, short-term uncollateralised crypto loans from a DeFi service and using the large sums involved to manipulate the market and other DeFI services. 

The crypto assets taken in the hack include the stablecoins USDC ($34.1M) and Dai ($8.8M), as well as Wrapped Bitcoin ($18.9M) and Staked Ether ($137.1M). The price of Euler’s crypto token fell dramatically following the news of the attack.

Funds used to perpetrate the attack originated from a Monero wallet. Monero is an example of a type of crypto-currency known as a "privacy coin", which unlike bitcoin does not have a clear public ledger of transactions. Euler have communicated with the attacker, by sending on-chain messages to the Ethereum account holding the stolen assets saying that if 90% of the funds are not returned within 24 hours they will launch a $1million reward for information leading to an arrest and the funds return.

A subsequent analysis of this attack revealed that a flaw in one of Euler Finance's smart contracts was exploited to steal the assets and the proceeds of the attack are already being laundered through Tornado Cash, a decentralised mixer that has been sanctioned by the US government.

Euler said it stopped the attack “as soon as possible” by disabling the EToken module, which “blocked deposits and the vulnerable donation function”. Euler also said it had shared details with US and British  law enforcement.

Euler Finance:   Elliptic:    CoinDesk:    Defiant.io:   Infosecurity Magazine:   Silicon Republic    Techcrunch:   

Yahoo:  

You Might Also Read:

Standing On The Cryptocurrency Frontier:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« TikTok Is Banned From British Government Phones
Turning The Tables On Tomorrow's Threat Agent  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

360Logica

360Logica

360Logica is a software testing company offering numerous kinds of testing services to improve the quality and performance of your software and IT systems.

Cryptomathic

Cryptomathic

Cryptomathic is an expert on commercial crypto - we develop, deliver and support the most secure and efficient off-the-shelf and customised solutions.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

Galvanize

Galvanize

Galvanize is a leading provider of award-winning, cloud-based security, risk management, compliance, and audit software for some of the world’s largest organizations.

Bowbridge

Bowbridge

Bowbridge provides anti-virus and application security solutions for SAP systems.

ICTSecurity Portal

ICTSecurity Portal

The ICTSecurity Portal is an interministerial initiative in cooperation with the Austrian economy and acts as a central internet portal for topics related to security in the digital world.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

German Accelerator

German Accelerator

German Accelerator supports high-potential German startups in successfully entering the U.S. and Southeast Asian markets.

Software Diversified Services (SDS)

Software Diversified Services (SDS)

SDS provides the highest quality mainframe software and award-winning, expert service with an emphasis on security, encryption, monitoring, and data compression.

Softcat

Softcat

Softcat offer a broad portfolio of IT services and solutions covering Hybrid Infrastructure, Cyber Security, Digital Workspace and IT Intelligence.

Zemana

Zemana

Zemana provides innovative cyber-security solutions to deal with complex malicious software and other cyber threats.

Vala Secure

Vala Secure

Vala Secure is a cybersecurity and compliance consultancy that always stays ahead of regulations, future threats and ever-changing security environments.

Secuna Software Technologies

Secuna Software Technologies

Secuna is the most trusted Cybersecurity Testing Platform in the Philippines. Our pool of vetted security researchers will find and ethically report security vulnerabilities in your product.

Theta

Theta

Theta is a New Zealand owned technology consultancy. Our team of over 330 experienced professionals help organisations transform with technology.

AppSentinels

AppSentinels

Appsentinels are a group of security and technology experts with a mission to fix gaps in application security.

Amiosec

Amiosec

Amiosec is a British cyber innovation business specialising in delivering simple-to-use solutions to the complex problems of the modern world.