Last week, Euler Finance, a decentralized finance (DeFi) platform for borrowing and lending cryptocurrencies, suffered a nearly $200 million attack. The hacker, who had drained various cryptocurrencies using a flash loan exploit, sent a message to an Ethereum address linked to the platform, offering to begin a dialogue after Euler Finance issued an on-chain ultimatum demanding the return of the funds.
The message embedded in an Ethereum transaction read: “We want to make this easy on all those affected. No intention of keeping what is not ours. Setting up secure communication. Let us come to an agreement.” A Euler Finance representative confirmed to Decrypt that the company had seen the message, but declined to comment further.
Days after the attack, Euler Finance sent an on-chain message offering the hacker a deal to keep 10% of the $200 million stolen if they returned the remainder within 24 hours. When that did not happen, Euler Finance publicly announced a $1 million reward for information leading to the hacker’s arrest and the return of all funds. Apparently undeterred by the $1 million reward, the attacker sent funds tied to the Euler exploit to the Tornado Cash mixing service on March 16th—the ten transactions totaled 1,000 ETH, or about $1.78 million today.
According to blockchain analysis firm Chainalysis, 2022 was the biggest year for crypto hacks and exploits to date, with some $3.8 billion stolen across DeFi protocols, centralized services, and more. Hackers linked to North Korea allegedly were responsible for $1.7 billion worth of the attacks. In a report released after the Euler Finance attack, Chainalysis reported that some of the ETH was sent to a wallet tied to last year’s Axie Infinity Ronin bridge hack, which North Korea’s state-sponsored Lazarus hacking group is believed to have conducted. That may point to the involvement of Lazarus in the Euler attack, Chainalysis wrote, but it could also be an attempt at misdirection by an unrelated attacker.
The Euler Finance attack highlights the vulnerability of DeFi platforms and the need for stronger security measures. DeFi promises a more open and decentralized financial ecosystem, but it also presents new risks and challenges that must be addressed. As DeFi grows in popularity, it will become a more attractive target for hackers, and platforms must take proactive measures to mitigate these risks.
One of the primary challenges of DeFi is the open and permissionless nature of the ecosystem. Any user can participate and deploy smart contracts, which can be vulnerable to attack if not designed and audited properly. Platforms must take a risk-based approach to security and prioritize security measures based on the level of risk posed by each component of the system.
In addition to implementing security measures, platforms must also create a culture of security and awareness among users. Users must be educated on the risks of DeFi and how to protect themselves from potential attacks. This includes using strong passwords, two-factor authentication, and keeping private keys secure.
Finally, platforms must be transparent and open in communicating security incidents to users. When a security incident occurs, platforms must take swift action to mitigate the damage and keep users informed of the situation. This includes providing regular updates and timelines for resolution, as well as offering compensation or refunds to affected users.
The Euler Finance attack is a wake-up call for the DeFi industry to take security seriously. While the attack was devastating, it also presents an opportunity for platforms to improve their security measures and create a more resilient and secure DeFi ecosystem. The industry must work together to address these challenges and build a more secure and trustworthy financial ecosystem for all users.
