{"id":75651,"date":"2023-03-16T12:01:57","date_gmt":"2023-03-16T10:01:57","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=75651"},"modified":"2025-09-10T12:51:10","modified_gmt":"2025-09-10T09:51:10","slug":"hacker-who-breached-euler-finance-has-returned-stolen-funds-to-user","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hacker-who-breached-euler-finance-has-returned-stolen-funds-to-user\/","title":{"rendered":"Hacker who breached Euler Finance has returned stolen funds to user"},"content":{"rendered":"<p>An unknown user sent the hacker who breached the DeFi protocol Euler Finance a transaction requesting the return of the lost funds.<\/p>\n<p><!--more--><\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">?For anyone who gets affected by the <a href=\"https:\/\/twitter.com\/hashtag\/Euler?src=hash&#038;ref_src=twsrc%5Etfw\">#Euler<\/a> hack, watch this:<\/p>\n<p>Someone(0x2a) sends a message to the hacker saying his life-saving (78 <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a>) is in <a href=\"https:\/\/twitter.com\/eulerfinance?ref_src=twsrc%5Etfw\">@eulerfinance<\/a>.<\/p>\n<p>The hacker then sends him 100 <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a>.<br \/>If 0x2a is being honest, it made extra 22 <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a> back.<a href=\"https:\/\/t.co\/esoHOofXM0\">https:\/\/t.co\/esoHOofXM0<\/a> <a href=\"https:\/\/t.co\/n6iEa4PKpB\">pic.twitter.com\/n6iEa4PKpB<\/a><\/p>\n<p>\u2014 0xScope (? . ?) (@ScopeProtocol) <a href=\"https:\/\/twitter.com\/ScopeProtocol\/status\/1636215381126938624?ref_src=twsrc%5Etfw\">March 16, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>He wrote that his &#8220;life-saving&#8221; savings of 78 ETH (~$128,500 at the time of writing) were on the platform when the incident occurred.<\/p>\n<p>After some time the hacker sent 100 ETH (~$164,775) to the user&#8217;s wallet.<\/p>\n<p>On March 13, the attacker <a href=\"https:\/\/u1f987.com\/en\/news\/euler-finance-hacked-for-196-million\">took advantage of<\/a> the exploit in the <a href=\"https:\/\/u1f987.com\/en\/news\/what-are-flash-loans\">instant-loan<\/a> mechanism of Euler Finance, posting unsecured collateral. As a result, the hacker managed to liquidate the debt and withdraw assets from the platform worth $196 million.<\/p>\n<p>Later, the protocol team <a href=\"https:\/\/u1f987.com\/en\/news\/euler-finance-team-blocks-vulnerable-module\">disabled the vulnerable EToken<\/a> module. The project notified U.S. and U.K. law enforcement about the breach.\u00a0<\/p>\n<p>Euler Finance also reached out to analytics firms Chainalysis and TRM Labs for help in the investigation. According to Sherlock, the vulnerability went undetected for eight months.\u00a0<\/p>\n<p>Later, Euler <a href=\"https:\/\/u1f987.com\/en\/news\/euler-finance-team-demands-hacker-return-90-of-stolen-funds\">proposed<\/a> to the hacker to return 90% of the stolen funds within 24 hours. Otherwise, the protocol will offer a $1 million bounty for any information that leads to the capture of the offender.<\/p>\n<p>As reported in February 2023, DeFi projects <a href=\"https:\/\/u1f987.com\/en\/news\/in-february-2023-defi-projects-lost-about-21-4-million-to-hacks\">lost $21.4 million<\/a> due to seven hacks. According to DeFi Llama, the largest loss was the exploitation of the Platypus Finance protocol <a href=\"https:\/\/u1f987.com\/en\/news\/platypus-defi-protocol-on-avalanche-loses-8-5-million-in-hack\">for $8.5 million<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An unknown user sent the Euler Finance hacker a transaction requesting the return of the lost funds.<\/p>\n","protected":false},"author":1,"featured_media":75652,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1093],"class_list":["post-75651","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-defi"],"aioseo_notices":[],"amp_enabled":true,"views":"22","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=75651"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75651\/revisions"}],"predecessor-version":[{"id":75653,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75651\/revisions\/75653"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/75652"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=75651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=75651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=75651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}