{"id":563874,"date":"2023-03-15T08:54:49","date_gmt":"2023-03-15T05:54:49","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/euler-finances-offer-to-hacker-keep-20m-or-face-the-law\/"},"modified":"2023-03-15T08:54:49","modified_gmt":"2023-03-15T05:54:49","slug":"euler-finances-offer-to-hacker-keep-20m-or-face-the-law","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/euler-finances-offer-to-hacker-keep-20m-or-face-the-law\/","title":{"rendered":"# Euler Finance&#8217;s offer to hacker: Keep $20M or face the law"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a300e6869b01\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a300e6869b01\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/euler-finances-offer-to-hacker-keep-20m-or-face-the-law\/#%E2%80%9D_Euler_Finances_offer_to_hacker_Keep_20M_or_face_the_law_%E2%80%9C\" >&#8221; Euler Finance&#8217;s offer to hacker: Keep $20M or face the law &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Euler_Finances_offer_to_hacker_Keep_20M_or_face_the_law_%E2%80%9C\"><\/span>&#8221; Euler Finance&#8217;s offer to hacker: Keep $20M or face the law &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjMtMDMvOGUwY2JmYzUtNTc5YS00MGY3LTg5YTYtMjkyMDY0MTY0MmM5LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-48054ca8>Ethereum-based noncustodial lending protocol Euler finance is trying to cut a deal with the exploiter that stole millions from its protocol, demanding the hacker returns 90% of the funds they stole within 24 hours or face legal consequences.<\/p>\n<p>The platform was exploited for $196 million on March 13 and Euler Labs sent its ultimatum to the flash loan attacker by transferring them 0 Ether (ETH) with an attached message on March 14:<\/p>\n<blockquote><p>\u201cFollowing up on our message from yesterday. If 90% of the funds are not returned within 24 hours, tomorrow we will launch a $1M reward for information that leads to your arrest and the return of all funds.\u201d<\/p><\/blockquote>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">euler just sent an on-chain message to the hacker <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/0wKIW51NjM\">pic.twitter.com\/0wKIW51NjM<\/a><\/p>\n<p>\u2014 0xngmi (llamazip arc) (@0xngmi) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/0xngmi\/status\/1635769041909342208?ref_src=twsrc%5Etfw\">March 14, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>The threat of law enforcement comes as Euler <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/0xngmi\/status\/1635769398639173633?s=20\">sent<\/a> the hacker a much more civil message the day before.<\/p>\n<p>\u201cWe understand you are responsible for this morning\u2019s attack on the Euler platform,\u201d it read. \u201cWe are writing to see whether you would be open to speaking with us about any potential next steps.\u201d <\/p>\n<p>The request for a 90% fund return would see the hacker send back $176.4 million while holding onto the remaining $19.6 million.<\/p>\n<p>However, many observers have noted that the hacker has very little to no incentive to follow through with the deal.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Look over your shoulder for the rest of your life, or take a $20m deal. No brainer. <\/p>\n<p>Although, they could easily be state actors and aren\u2019t really worried about low levels feds. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/i5zUSDqFca\">https:\/\/t.co\/i5zUSDqFca<\/a><\/p>\n<p>\u2014 drnick \ufe0f\u00b2 (@DrNickA) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/DrNickA\/status\/1635802644752273411?ref_src=twsrc%5Etfw\">March 15, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>\u201cIf I was the hacker I\u2019d simply say \u201cto anyone who manages to track me down, I will give you $2 million not to tell Euler,\u201d one observer <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/b00mon\/status\/1635773121658777600\">said<\/a>.<\/p>\n<p>\u201cYeh he has 200 Million they have 2 Million. He wins in a bidding war\u201d, another <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> user <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/PatrickDehkordi\/status\/1635774115499085824\">wrote<\/a> in response. <\/p>\n<p>Euler Labs said they\u2019re already working with law enforcement in the United States and the United Kingdom along with engaging blockchain intelligence platforms Chainalysis, TRM Labs and the broader Ethereum community to help track down the hacker.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">An update on our work today to recover funds for Euler protocol users. <\/p>\n<p>Here are a few actions we took immediately:<\/p>\n<p>1. Stopped the direct attack as soon as possible by helping disable the EToken module, which blocked deposits and the vulnerable donation function<\/p>\n<p>2. Engaged TRM\u2026 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/6ZClE9uGoH\">https:\/\/t.co\/6ZClE9uGoH<\/a><\/p>\n<p>\u2014 Euler Labs (@eulerfinance) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/eulerfinance\/status\/1635431726364147712?ref_src=twsrc%5Etfw\">March 14, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>DeFi protocol Platypus suffers $8.5M flash loan attack, suspect identified<\/em><\/strong><\/p>\n<p>The lending platform added it was able to promptly stop the flash loan attack by blocking deposits and the \u201cvulnerable\u201d donation function.<\/p>\n<p>As for the exploited code, the team explained the vulnerability \u201cwas not discovered\u201d in its smart contract audit, which existed on-chain for eight months until it was exploited on March 13.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Euler Labs works with various security groups to perform audits of the Euler Finance protocol. <\/p>\n<p>While the vulnerable code was reviewed and <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>roved during an outside audit, the vulnerability was not discovered as part of the audit. <\/p>\n<p>The vulnerability remained on-chain for eight\u2026 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/M3PYSOwHhL\">https:\/\/t.co\/M3PYSOwHhL<\/a><\/p>\n<p>\u2014 Euler Labs (@eulerfinance) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/eulerfinance\/status\/1635431989061795840?ref_src=twsrc%5Etfw\">March 14, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/euler-finance-s-offer-to-hacker-keep-20m-or-face-the-law\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Euler Finance&#8217;s offer to hacker: Keep $20M or face the law &#8220; Ethereum-based noncustodial lending protocol Euler finance is trying to cut a deal with the exploiter that stole millions from its protocol, demanding the hacker returns 90% of the funds they stole within 24 hours or face legal consequences. The platform was exploited&#8230;<\/p>\n","protected":false},"author":1,"featured_media":563875,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/cdn-cgi\/image\/format=auto,onerror=redirect,quality=90,width=1200\/https:\/\/s3.cointelegraph.com\/uploads\/2023-03\/8e0cbfc5-579a-40f7-89a6-2920641642c9.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74868,74891,74882,77595,75434,88784,75269,55229],"class_list":["post-563874","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-defi","tag-ethereum","tag-hacks","tag-lending","tag-smart-contracts","tag-uk-government","tag-us-government","tag-law"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/563874","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=563874"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/563874\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/563875"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=563874"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=563874"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=563874"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}