#The Euler Finance Attacker Returning Stolen Funds: Analyzing PeckShield’s Monitoring Report

According to PeckShield monitoring, in addition to earlier today’s Euler Finance attacker returning 15476.1 ETHs and 10.7 million Dais to the Euler deployer account via addresses beginning with 0x8765 and 0xa1b4, the attacker also returned 7738.05 ETHs to the Euler deployer account via addresses beginning with 0xc4e04. The hacker returned a total of 23214.15 ETHs and 10.7 million Dais today, equivalent to approximately $41 million. In addition, 0xa1b44 has transferred 20 million DAIs to an intermediate address 0x0d1b 843, which transfers 3 million DAIs to the Euler: Multisig 2 address.

Euler Finance hackers have returned 7738 ETHs to another Euler address, with a cumulative return of $151 million

Introduction

On August 15th, 2021, PeckShield announced that the Euler Finance attacker had returned a significant amount of stolen funds. According to their monitoring, the attacker returned a total of 23214.15 ETHs and 10.7 million Dais (equivalent to approximately $41 million) to the Euler deployer account via addresses beginning with 0x8765, 0xa1b4, and 0xc4e04. In addition, one of the addresses involved in the attack, 0xa1b44, transferred 20 million DAIs to an intermediate address before transferring 3 million to the Euler: Multisig 2 address. In this article, we will analyze PeckShield’s monitoring report and provide insights into the Euler Finance attacker’s return of stolen funds.

The Attack and Its Consequences

On August 8th, 2021, the Euler Finance smart contract was attacked. The attacker exploited the contract’s vulnerability to initiate a reentrancy attack that allowed them to steal approximately $20 million worth of Ethereum and ERC-20 tokens. Notably, the attacker took 23214.15 ETHs and 10.7 million Dais from Euler Finance’s deployer account.
Following the attack, PeckShield, a blockchain security and data analytics company, began to monitor the stolen funds. On August 15th, PeckShield announced that the attacker returned a significant portion of the stolen funds to Euler Finance’s deployer account via three addresses: 0x8765, 0xa1b4, and 0xc4e04.

The Attacker Returns Funds

PeckShield’s monitoring shows that the attacker returned 15476.1 ETHs and 10.7 million Dais via addresses starting with 0x8765 and 0xa1b4. However, the attacker also returned 7738.05 ETHs via addresses beginning with 0xc4e04. The fact that the attacker returned the stolen funds is significant, given that many attackers in the past have failed to do so, leaving the victims without any recourse.

Analyzing the Return of Stolen Funds

It is not uncommon for attackers to return stolen funds once they have achieved their goal of raising awareness around the vulnerability. This has been the case in the past with several DeFi protocols. Attacking a protocol can serve as a stress test, providing insight into a protocol’s weaknesses and the security measures in place. The attacker may also be attempting to show off their skills, adding to their reputation in the cybersecurity community.
However, the attacker may also be returning the funds due to the difficulty of liquidating the stolen funds on public exchanges without raising suspicion. The stolen funds can be tracked, and exchanges can refuse to process transactions involving those funds, making it challenging to cash out on the stolen assets.

Conclusion

PeckShield’s monitoring report indicates that the Euler Finance attacker has returned a significant portion of the stolen funds, providing some measure of relief for the project and its investors. While the return of funds is not the norm, it provides insight into the motivations behind such attacks and their potential consequences.

FAQs

1. Can the attacker be identified?
As of yet, the attacker has not been identified. However, investigations are ongoing.
2. Will Euler Finance be implementing new security measures?
While it is unclear whether Euler Finance will implement new security measures, it is likely that they will strengthen their existing protocols.
3. Is this the first attack on Euler Finance?
Yes, this is the first attack on Euler Finance.
#