Hackers steal $197 million in crypto in Euler Finance attack

Hackers steal 7 million in crypto in Euler Finance attack

Hackers steal 7 million in crypto in Euler Finance attack

Lending protocol Euler Finance was hit by a cryptocurrency flash loan attack on Sunday, where the threat actor stole $197 million in multiple digital assets.

Cryptocurrency theft is involved multiple tokensincluding $8.75 million worth of DAI, $18.5 million in WBTC, $33.85 million in USDC, and $135.8 million in stETH.

The attackings ETH wallet used to store the stolen funds is tracked, so it will be difficult for the perpetrator to move the stolen funds around and convert them into a usable form.

however, Elliptic reports that threat actors are already laundering proceeds through allowed cryptocurrency mixer Tornado Cash.

The startup behind Euler Finance, UK-based Euler Labs, shared a brief statement on Twitter, saying that they are currently in contact with security professionals and law enforcement agencies and will release more information. when ready.


The attack caused the Euler (EUL) token value to down 44.2% overnight, from $6.56 to $3.37 at the time of writing.

Flash loan attacks exploit a weakness in a lending protocol to borrow large amounts of money without having to return its value to the service.

Attackers use an exploit that allows them to manipulate the price of a token or asset on the platform during the few seconds they hold the loaned amount, so when the trade is completed, they are left with a large profit.

A similar flash loan attack is targeted at Beanstalk DeFi platform in April 2022, when threat actors stole $182 million in assets.

Blockchain security and analytics company Reported by PeckShield that hacking Euler was possible due to faulty logic in the donation system and its liquidation.

More specifically, the “donateToReserves” function did not verify that the attacker donated the excess collateralized amount, and the liquidation system did not correctly verify the conversion rate from borrowed to collateral assets.

Euler code flaw
Euler Finance logic flaw (PeckShield)

These flaws allowed attackers to manipulate the conversion rate to profit from the deletion process.

PeckShield said the attack involved two hackers, a borrower and a liquidator, working in coordination to perform the necessary actions depicted in the diagram below.

Attack steps taken by hackers
Attack steps taken by hackers (PeckShield)

DeFi hacks are rising over the past two years, with hackers abandoning their efforts to attack exchanges and shifting their focus to quickly exploiting logic flaws in crypto lending platforms’ smart contracts.

These attacks are so devastating that they can derail overnight a healthy and thriving company that has undergone multiple security audits.