Crypto Company Loses $200m To Hackers
The British crypto lending protocol firm Euler Finance has suffered a loss of almost $200m on March 13, following a flash-loan attack. The firm provides a DeFi protocol on Ethereum that it claims allows users to lend and borrow almost any crypto asset.
DeFi protocols are codes, procedures and rules which govern the systems used in DeFi and enable crypto investors trade, lend, stake tokens, amongst other actions.
Flash-loan attacks involve taking out large, short-term uncollateralised crypto loans from a DeFi service and using the large sums involved to manipulate the market and other DeFI services.
The crypto assets taken in the hack include the stablecoins USDC ($34.1M) and Dai ($8.8M), as well as Wrapped Bitcoin ($18.9M) and Staked Ether ($137.1M). The price of Euler’s crypto token fell dramatically following the news of the attack.
Funds used to perpetrate the attack originated from a Monero wallet. Monero is an example of a type of crypto-currency known as a "privacy coin", which unlike bitcoin does not have a clear public ledger of transactions. Euler have communicated with the attacker, by sending on-chain messages to the Ethereum account holding the stolen assets saying that if 90% of the funds are not returned within 24 hours they will launch a $1million reward for information leading to an arrest and the funds return.
A subsequent analysis of this attack revealed that a flaw in one of Euler Finance's smart contracts was exploited to steal the assets and the proceeds of the attack are already being laundered through Tornado Cash, a decentralised mixer that has been sanctioned by the US government.
Euler said it stopped the attack “as soon as possible” by disabling the EToken module, which “blocked deposits and the vulnerable donation function”. Euler also said it had shared details with US and British law enforcement.
Euler Finance: Elliptic: CoinDesk: Defiant.io: Infosecurity Magazine: Silicon Republic Techcrunch:
You Might Also Read:
Standing On The Cryptocurrency Frontier:
___________________________________________________________________________________________
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible