Euler hacker seemingly taking their chances, sends funds to crypto mixer
Before the move, the hacker apparently refunded at least one victim, leading to a slew of on-chain messages from other purported victims.
The hacker responsible for the $196 million attack on Euler Finance has begun moving funds into crypto mixer Tornado Cash, only hours after a $1 million bounty was launched to uncover the hacker’s identity.
Blockchain analytics firm PeckShield tweeted on March 16 that the exploiter behind the flash loan attack on the Ethereum noncustodial lending protocol was “on the move.”
The exploiter transferred 1,000 Ether (ETH), approximately $1.65 million, through sanctioned crypto mixer Tornado Cash.
#PeckShieldAlert @eulerfinance exploiter on the move
~1,000 $ETH into Tornado Cash through intermediary address 0xc66d…c9ahttps://t.co/LAkY66YpoF pic.twitter.com/0XhQV1nbgn
— PeckShieldAlert (@PeckShieldAlert) March 16, 2023
It comes only hours after Euler Labs tweeted that it was launching a $1 million reward for information leading “to the Euler protocol attacker’s arrest and the return of all funds.”
Just a day earlier, Euler sent an on-chain message to the exploiter’s address, warning it would launch a bounty “that leads to your arrest and the return of all funds” if 90% wasn’t returned within 24 hours.
The movement of the funds to the crypto mixer could indicate that the hacker is not being swayed by Euler’s amnesty offer.
Peckshield noted that around 100 ETH, worth $165,202 at the time of writing, was sent to a wallet address that is likely owned by one of the victims. An on-chain message sent by the wallet address had earlier pleaded for the attacker for the return of their “life savings.”
WOW!@eulerfinance Exploiter returned 100 $ETH to some guy who begged him for the money back as it was his life savingshttps://t.co/Gz9aCUZB0H pic.twitter.com/DhZBenqtuS
— Wazz (@WazzCrypto) March 16, 2023
This led to a slew of other victims sending messages to the address in hopes of also getting their funds returned.
Related: Euler attack causes locked tokens, losses in 11 DeFi protocols, including Balancer
One message stated they “are twenty-six families from jobless rural areas,” who lost “a million USDT in total,” adding their share of funds in the protocol was the “life-savings from our past decades of work in factories.”
Another apparent victim messaged the attacker congratulating them on the “big win” and said they invested funds into Euler they “desperately needed” for a house.
“My wife is going to kill me if we can’t afford our house […] Is there anyway [sic] you can help me? I have no idea what to tell my wife,” they wrote.
According to on-chain data, the $196 million stolen from Euler consisted of Dai (DAI), USD Coin (USDC), staked ETH and wrapped Bitcoin (WBTC).