Euler Finance to enter talks with exploiter over the return of funds

Ethereum-based lending protocol Euler Finance could beryllium a measurement person to recovering funds stolen successful a $196 cardinal flash indebtedness attack past week, with backstage discussions present initiated with the exploiter.

In an on-chain message to Euler connected March 20, days aft sending funds to a red-flagged North Korean address, the exploiter claimed they present privation to “come to an agreement” with Euler.

“We privation to marque this casual connected each those affected. No volition of keeping what is not ours. Setting up unafraid communication. Let america travel to an agreement,” said the exploiter.

The hacker’s astir caller nationalist on-chain connection to Euler. Source: Etherscan

Hours later, Euler replied with its ain on-chain message, acknowledging the connection and asking the exploiter to speech “in private,” stating:

“Message received. Let's speech successful backstage connected blockscan via the Euler Deployer code and 1 of your EOAs, via signed messages implicit email astatine contact@euler.foundation, oregon immoderate different transmission of your choice. Reply with your preference.”

Euler’s latest nationalist on-chain connection to the hacker. Source: Etherscan

Euler had antecedently tried to chopped a woody with the exploiter aft the exploit, insisting that they instrumentality 90% of the funds they stole wrong 24 hours oregon perchance look ineligible consequences.

There was nary response, and 24 hours later, Euler launched a $1 bounty reward for immoderate accusation that could pb to the exploiter’s apprehension and instrumentality of the funds.

Related: Euler onslaught causes locked tokens, losses successful 11 DeFi protocols, including Balancer

While the individuality of the exploiter is not known, the caller connection utilized by the exploiter could suggest much than 1 idiosyncratic is involved.

In a March 17 tweet, blockchain analytics steadfast Chainalysis said the caller 100 Ether (ETH) transportation to a wallet code associated with North Korea could mean the hack is the work of the “DPRK” — the Democratic People’s Republic of Korea.

However, this could besides beryllium an effort to intentionally misdirect investigators, the steadfast said.

Other transactions from the exploiter’s wallet code see 3000 ETH, which was sent backmost to Euler Finance connected March 18, on with funds sent to crypto mixer Tornado Cash and adjacent an evident unfortunate of the exploit. 

https://t.co/4OBksAu9od pic.twitter.com/Zb3MIyex2f

On March 20, different code reached retired to Euler on-chain, claiming to person recovered a “solid drawstring of connections” that could assistance them find retired who and wherever the exploiter was.

Cointelegraph reached retired to the Euler Foundation for remark but did not person an contiguous response.