{"id":75933,"date":"2023-03-21T15:43:12","date_gmt":"2023-03-21T13:43:12","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=75933"},"modified":"2025-09-10T14:29:17","modified_gmt":"2025-09-10T11:29:17","slug":"euler-finance-hacker-reaches-out-to-developers","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/euler-finance-hacker-reaches-out-to-developers\/","title":{"rendered":"Euler Finance hacker reaches out to developers"},"content":{"rendered":"<p>The hacker who breached the DeFi protocol Euler Finance contacted the project&#8217;s developers via on-chain messages.<\/p>\n<p><!--more--><\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\"><a href=\"https:\/\/twitter.com\/hashtag\/CertiKSkynetAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#CertiKSkynetAlert<\/a> ?<\/p>\n<p>Lending platform <a href=\"https:\/\/twitter.com\/eulerfinance?ref_src=twsrc%5Etfw\">@eulerfinance<\/a> received on-chain messages earlier today from the exploiter.<\/p>\n<p>The exploiter seeks to come to an agreement and have \u00abno intention of keeping what is not theirs.\u00bb<\/p>\n<p>Their full message and the Euler response seen below ? <a href=\"https:\/\/t.co\/4eLbUIf5br\">pic.twitter.com\/4eLbUIf5br<\/a><\/p>\n<p>\u2014 CertiK Alert (@CertiKAlert) <a href=\"https:\/\/twitter.com\/CertiKAlert\/status\/1638008865055813632?ref_src=twsrc%5Etfw\">March 21, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Blockchain security company CertiK published screenshots of the correspondence.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cWe want to resolve the situation for all those affected. We have no intention of taking what does not belong to us. Let us establish a secure line of communication and come to an agreement,\u201d the hacker wrote.<\/p>\n<\/blockquote>\n<p>Euler representatives responded to the message and proposed contacting via <span data-descr=\"Externally Owned Accounts \u2014 this is a type of blockchain account controlled by public and private keys\" class=\"old_tooltip\">EOA<\/span> or email. The company added that they were ready to hear the hacker&#8217;s wishes.<\/p>\n<p>No official statements from project representatives have yet been issued.<\/p>\n<p>On March 13 the attacker illicitly withdrew assets worth more than <a href=\"https:\/\/u1f987.com\/en\/news\/euler-finance-hacked-for-196-million\">$196 million<\/a> from the DeFi platform.<\/p>\n<p>The Euler Finance team after the incident <a href=\"https:\/\/u1f987.com\/en\/news\/euler-finance-team-blocks-vulnerable-module\">blocked the vulnerable EToken module<\/a> and turned to law enforcement, as well as Chainalysis and TRM Labs for help with the investigation. The project demanded from the hacker <a href=\"https:\/\/u1f987.com\/en\/news\/euler-finance-team-demands-hacker-return-90-of-stolen-funds\">return 90% of the stolen funds<\/a>.<\/p>\n<p>Because there was no response, the company announced a $1 million reward for any information that could lead to the hacker&#8217;s arrest.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Today the Euler Foundation is launching a $1M reward in the hope that this provides additional incentive for information that leads to the Euler protocol attacker\u2019s arrest and the return of all funds extracted by the attacker.<\/p>\n<p>\u2014 Euler Labs (@eulerfinance) <a href=\"https:\/\/twitter.com\/eulerfinance\/status\/1636126837423366145?ref_src=twsrc%5Etfw\">March 15, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Later the hacker <a href=\"https:\/\/u1f987.com\/en\/news\/hacker-behind-euler-finance-breach-sent-2-5-million-to-tornado-cash\">sent cryptocurrency worth about $2.5 million<\/a> to the mixer <a href=\"https:\/\/u1f987.com\/en\/news\/what-is-the-tornado-cash-mixer-and-why-was-it-sanctioned\">Tornado Cash<\/a>. Lookonchain analysts also reported that the attacker <a href=\"https:\/\/u1f987.com\/en\/news\/euler-finance-hacker-wallet-sent-100-eth-to-lazarus-group-address\">moved 100 ETH<\/a> to an address linked to the Lazarus Group, associated with <a href=\"https:\/\/u1f987.com\/en\/news\/ronin-the-ethereum-sidechain-hacked-attacker-siphons-625-million\">the Ronin network attack<\/a> in March 2022.<\/p>\n<p>Earlier in March 2023, the Tender.fi DeFi protocol hacker <a href=\"https:\/\/u1f987.com\/en\/news\/hacker-returns-tender-fi-assets-worth-1-59-million-to-the-platform-for-a-bounty\">returned<\/a> assets in exchange for a reward of 62.16 ETH. In total, the hacker managed to withdraw $1.59 million from the platform.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Euler Finance hacker who breached the DeFi protocol contacted the project&#8217;s developers via on-chain messages.<\/p>\n","protected":false},"author":1,"featured_media":75934,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1093],"class_list":["post-75933","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-defi"],"aioseo_notices":[],"amp_enabled":true,"views":"20","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75933","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=75933"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75933\/revisions"}],"predecessor-version":[{"id":75935,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75933\/revisions\/75935"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/75934"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=75933"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=75933"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=75933"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}