Euler Finance, a non-custodial DeFi (Decentralised Finance) protocol on Ethereum, was hit by a cryptocurrency flash loan attack on Monday morning in which cybercriminals stole about $197 million in cryptocurrencies, making it the largest hack of 2023 so far.
The stolen funds comprised multiple digital assets, including $8.75 million worth of the decentralized stablecoin DAI, $18.5 million in WBTC (Wrapped Bitcoin), $33.85 million in USDC (USD Coin), and $135.8 million in stETH (staked Ether tokens).
For those unaware, Euler Finance facilitates the lending and borrowing of various cryptocurrencies for users through an automated service that does not require human intervention.
The cyberattack on Euler Finance was first spotted by PeckShield, a blockchain security and data analytics company, which tweeted out a link showing unusually high transfers from Euler:
Hi @eulerfinance: you may want to take a look: https://t.co/L7ddZhHNq5
— PeckShield Inc. (@peckshield) March 13, 2023
Independent researcher JakeXBT, who investigates crypto scams and hacks, posted on Twitter that this was almost certainly an attack by malicious hackers, adding that the movement of funds and the nature of the attack seem very similar to those of black hats who exploited some random protocol on BSC (Binance Smart Chain) a few weeks ago, with the funds then deposited to Tornado Cash.
Euler Finance acknowledged the attack on Monday and tweeted, “We are aware and our team is currently working with security professionals and law enforcement. We will release further information as soon as we have it.”
Updating its users on the situation, Euler on Tuesday said that they had disabled their vulnerable e-token module and donation function to prevent further deposits.
“We continue to investigate this morning’s unlawful extraction of funds from the Euler protocol. The Euler Labs team has taken several immediate actions to attempt to recover the funds and identify exactly what happened, including contacting and sharing information with law enforcement, and working with independent third-party auditors and security firms,” Euler tweeted on Tuesday.
“Our number one priority is recovering funds for Euler protocol users and we are working as hard as we can to make that happen.”
Over the past two years, several platforms have been hit by flash loan attacks. These attacks involve hackers borrowing large amounts of cryptocurrency through a flash loan without requiring collateral.
They then use the borrowed funds to manipulate the prices of certain assets on one exchange and quickly sell them on another before the loan is repaid, with the borrower keeping any profit.
Several Euler investors took to social media channels such as Discord and Telegram to express their frustration and disappointment with the platform and to speculate about what they should do next.
“Almost 1.3M USD gone. I thought they were the most secure lending protocol, I never liked Michael on Twitter, but I wouldn’t even imagine them releasing updates without prior notice or audits,” wrote one on Discord.
“Nice to at least know how I respond when I lose over $100k in the space of an hour. Learned a little about myself today. Maybe it’s not about the money lads, it’s about what you learn along the way,” wrote another investor on Discord.
The news of the cyberattack has caused the Euler (EUL) token value to fall significantly, which is likely to have a substantial impact on its investors.