The architect of the March 13 Euler Finance exploit returned $26.5 million price of additional Ether (ETH) to the account of the implementer Euler Finance on March 27, on-chain data shows.
Another 13M for Euler’s team
20 million dai left within the wallet that sent it
Let’s go for it pic.twitter.com/rF8l6e7yYw
— GOD DCF (@dcfgod) March 27, 2023
At 18:21 UTC, the address related to the attacker sent 7,738.05 ETH (price roughly $13.2 million at time of confirmation) to Euler’s deployment account. In the identical block, one other address related to the attacker sent equivalent amount to the identical implementation account, a complete of 15,476.1 ETH (roughly USD 26.4 million) returned to the Euler team.
Then, at 18:40 UTC, the primary wallet sent one other transaction to an installer account price $10.7 million in stablecoin Dai (DAI). This brings the full of all three transactions to roughly $37.1 million.
Both of those addresses received funds from an account that Etherscan identifies as “Euler Finance Exploiter 2”, which seems to suggest that they’re under the control of the attacker.
These transactions followed a previous refund of 58,000 ETH (price over $101 million on the time) on March 25. In total, the attacker appears to have returned over $138 million price of crypto assets because the exploit.
Euler Finance’s Ethereum-based lending protocol was leveraged on March 13, with over $195 million price of ETH and tokens faraway from its smart contracts. Several protocols within the Ethereum ecosystem were depending on Euler in a technique or one other, and a minimum of 11 protocols announced that they suffered indirect losses from the attack.
According to an evaluation by Slowmist, the exploit occurred resulting from a faulty function allowed attacker to transfer the borrowed Dai to the reserve fund. By making this donation, the attacker was in a position to bankrupt his own account. The separate account was then used to liquidate the primary account with an enormous discount, allowing the attacker to reap the benefits of that discount.
After Dai was drained by this primary attack, the attacker repeated it for multiple tokens, removing over $196 million from the protocol.