Twenty-three days after the hack, Euler Finance declared that all funds that could be recovered had been recovered, which meant the $1 million bounty had ended.
After being plundered of $196 million in a flash loan attack, Euler Finance was able to persuade its hacker to return the majority of the stolen funds. Several back-and-forths over 23 days ultimately led to the hacker doing “the right thing.”
On March 13, a hacker targeted Euler Finance with several transactions, each draining millions of dollars in various tokens, including Dai (DAI), staked Ether (StETH), and wrapped Bitcoin (WBTC).
As a result, the total value held in Euler’s smart contracts fell from more than $311 million to $10.37 million. In the end, 11 distinct decentralized finance (DeFi) protocols, including Balancer, Yearn.finance, and Yield Protocol, froze or lost funds.
At 10:00 UTC Balancer contributors became aware of an exploit on Euler. It was determined the best course of action was to pause and put into recovery mode bbeUSD (Euler Boosted USD) and all pools containing bbeUSD. This was executed by the emergency subDAO at 11:00 UTC.
— Balancer (@Balancer) March 13, 2023
In response, Euler took proactive measures to recuperate funds on March 15, initially disabling its vulnerable EToken module and donation function. In addition, it worked with auditing firms to identify the exploit’s root cause.
An update on our work today to recover funds for Euler protocol users.
Here are a few actions we took immediately:
1. Stopped the direct attack as soon as possible by helping disable the EToken module, which blocked deposits and the vulnerable donation function
2. Engaged TRM…
— Euler Labs🛢️🇬🇧 (@eulerfinance) March 14, 2023
At the same time, Euler attempted to negotiate a bounty with the hacker. On March 15, Euler issued an ultimatum to the hacker, threatening to offer a $1 million reward for information leading to the hacker’s arrest if 90% of the stolen funds were not returned. This deal would permit the hacker to escape with $19.6 million.
Meanwhile, the hacker began transferring funds selectively. After convincing the hacker that his life savings had been stolen in Euler’s hack, one victim received 100 Ether. The hacker returned the stolen funds in transfers of varying value over several days.
In the midst of the upheaval, Euler Labs CEO Michael Bentley disclosed that ten consecutive audits conducted over two years had determined the protocol to be “low risk” with “no outstanding issues.”
After being ghosted mid-conversation while attempting to negotiate a settlement, Euler issued a $1 million bounty against the hacker on March 21. On March 25, the hacker began returning large amounts of the stolen assets in repeated transfers.
On April 4, 23 days after the theft, Euler Finance declared that all recoverable stolen funds had been recovered, putting an end to the $1 million bounty. The protocol stated, “Since the exploiter did the right thing and returned the funds, the Euler Foundation’s $1 million reward campaign will no longer accept new information.”
Because the exploiter did the right thing and returned the funds, and the $1 million reward campaign launched by the Euler Foundation will no longer be accepting new information.
Full details to follow tomorrow.
— Euler Labs🛢️🇬🇧 (@eulerfinance) April 3, 2023
In the final transactions, the hacker delivered 12 million DAI and 10,580 ETH across multiple transactions. The cryptocurrency community commended Euler Finance’s efforts to recover investor funds and restore investor confidence.
Gnosis, the creators of Gnosis Secure multisig and Gnosis Chain, has recently introduced a hash oracle aggregator to strengthen the security of bridges by requiring multiple bridges to authenticate a withdrawal.