Euler Finance hacker starts returning stolen Ether

The recent attack that embezzled $197 million from Euler Finance has been called the largest decentralized finance (DeFi) attack of 2023. However, that may not be true for much longer, as the hacker appears to have changed his mind.

On March 18, approximately 3,000 Ether (ETH) — worth $5.4 million — was returned to the Euler Finance deployer’s address from the hacker’s address. Blockchain investigator Peckshield has identified three transactions used to send the funds.

https://t.co/4OBksAu9od pic.twitter.com/Zb3MIyex2f

— PeckShield Inc. (@peckshield) March 18, 2023

Cointelegraph confirmed that 1,000 ETH per transaction was transferred to Euler’s deployer account. However, the chances of the hacker returning the entire $197 million loot remain slim as no other outgoing transactions have been recorded at the time of writing.

On March 16, Euler Finance announced a $1 million reward in hopes of tracking down the hacker and recovering the funds.

Today, the Euler Foundation is launching a $1 million bounty in hopes that this will provide yet another incentive to obtain information leading to the arrest of the Euler Protocol attacker and the return of all funds embezzled by the attacker.

— Euler Labs (@eulerfinance) March 15, 2023

Today the Euler Foundation is launching a $1M reward in the hope that this provides additional incentive for information that leads to the Euler protocol attacker’s arrest and the return of all funds extracted by the attacker.

— Euler Labs (@eulerfinance) March 15, 2023

The exploiter was able to siphon off $197 million through multiple transactions and then use a multichain bridge to transfer the funds from the BNB Smart Chain to Ethereum.

Related: Euler Finance hacked despite 10 audits in 2 years

Soon after the $1 million reward was announced, the stolen money was moved to the Tornado Cash crypto mixer.

#PeckShieldAlert The exploiter di @eulerfinance it’s moving.
~1,000 $ETH in Tornado Cash via intermediary address 0xc66d…c9a https://t.co/LAkY66YpoF pic.twitter.com/0XhQV1nbgn

— PeckShieldAlert (@PeckShieldAlert) March 16, 2023

#PeckShieldAlert @eulerfinance exploiter on the move
~1,000 $ETH into Tornado Cash through intermediary address 0xc66d…c9ahttps://t.co/LAkY66YpoF pic.twitter.com/0XhQV1nbgn

— PeckShieldAlert (@PeckShieldAlert) March 16, 2023

Euler Finance asked the hacker to return 90% of the funds within 24 hours to avoid jail time.