Crypto Company Loses $200m To Hackers

Uploaded on 2023-03-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The British crypto lending protocol firm Euler Finance has suffered a loss of almost $200m on March 13, following a flash-loan attack. The firm provides a DeFi protocol on Ethereum that it claims allows users to lend and borrow almost any crypto asset. 

DeFi protocols are codes, procedures and rules which govern the systems used in DeFi and enable crypto investors  trade, lend, stake tokens, amongst other actions. 

Flash-loan attacks involve taking out large, short-term uncollateralised crypto loans from a DeFi service and using the large sums involved to manipulate the market and other DeFI services. 

The crypto assets taken in the hack include the stablecoins USDC ($34.1M) and Dai ($8.8M), as well as Wrapped Bitcoin ($18.9M) and Staked Ether ($137.1M). The price of Euler’s crypto token fell dramatically following the news of the attack.

Funds used to perpetrate the attack originated from a Monero wallet. Monero is an example of a type of crypto-currency known as a "privacy coin", which unlike bitcoin does not have a clear public ledger of transactions. Euler have communicated with the attacker, by sending on-chain messages to the Ethereum account holding the stolen assets saying that if 90% of the funds are not returned within 24 hours they will launch a $1million reward for information leading to an arrest and the funds return.

A subsequent analysis of this attack revealed that a flaw in one of Euler Finance's smart contracts was exploited to steal the assets and the proceeds of the attack are already being laundered through Tornado Cash, a decentralised mixer that has been sanctioned by the US government.

Euler said it stopped the attack “as soon as possible” by disabling the EToken module, which “blocked deposits and the vulnerable donation function”. Euler also said it had shared details with US and British  law enforcement.

Euler Finance:   Elliptic:    CoinDesk:    Defiant.io:   Infosecurity Magazine:   Silicon Republic    Techcrunch:   

Yahoo:  

You Might Also Read:

Standing On The Cryptocurrency Frontier:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« TikTok Is Banned From British Government Phones
Turning The Tables On Tomorrow's Threat Agent  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

SolarWinds

SolarWinds

SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services.

Boldon James

Boldon James

Boldon James are market leaders in data classification and secure messaging software.

Pathway Forensics

Pathway Forensics

Pathway Forensics is a leading provider of computer forensics, e-discovery services and digital investigations.

KOVRR

KOVRR

Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.

Findings

Findings

Findings (formerly IDRRA) is a scalable AI powered assessment platform that streamlines security compliance across sectors, jurisdictions and regulatory frameworks.

CyberCareers.gov

CyberCareers.gov

CyberCareers.gov is a platform for Cybersecurity Job Seekers, Federal Hiring Managers and Supervisors, Current Federal Cybersecurity Employees, Students and Universities.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

IEEE Cyber Science and Technology Congress (CyberSciTech)

IEEE Cyber Science and Technology Congress (CyberSciTech)

CyberSciTech provides a platform for scientists, researchers, and engineers to share their latest ideas and advances in the broad scope of cyber-related science, technology, and application topics.

CyberForum

CyberForum

CyberForum supports businesses from the IT and high-tech industry in all stages of their development: from startup consulting to professional staffing and even location marketing campaigns.

Blackfoot Cybersecurity

Blackfoot Cybersecurity

At Blackfoot, we work in partnership with you to deliver on-demand cyber security expertise and assurance, keeping you one step ahead of threats & compliant with regulations.

DEFENTEK - National Security Informatics

DEFENTEK - National Security Informatics

Defentek (aka National Security Informatics) is a technology consortium covering a broad spectrum of intelligence computing solutions and interception technologies.

BugDazz

BugDazz

BugDazz pentest as a service (PTaaS) platform helps bringing in real-time results, detail coverage, & easy remediation workflows with compliance-ready reports.

Axient

Axient

Axient advances defense and civilian missions from aerospace to cyberspace with multi-domain test and analysis, mission engineering and operations, and advanced technologies.

CloudCoCo

CloudCoCo

CloudCoCo help UK businesses of all sizes and industries succeed by providing enterprise-grade technology at small-business prices.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.

Invictus International Consulting

Invictus International Consulting

Invictus International Consulting are a recognized leader in full-spectrum cyber technology solutions designed to protect the security of our nation's global defense and critical infrastructure.