The hacker who caused the $196 million vulnerability in the Euler Finance lending protocol has returned the majority of the assets stolen, according to on-chain data.
On March 25, the hacker received 51,000 Ether (ETH), which was valued at about $88 million at the time. A second transfer of 7,737 ETH, worth more than $13 million, was made the same day. This came after the hacker sent 3,000 ETH (valued at roughly $5.4 million) to the protocol on March 18.
Some of the stolen funds remain in the exploiter’s control.
The incident, which took place on March 13, saw the hacker siphon off nearly $196 million worth of assets, including 8.8 Million DAI, 849,000 Bitcoin, 85 MILLION stETH, 34 million USDC stablecoin, and 8.8 Milion DAI. It was dubbed the largest DeFi hack of 2021.
The hacker sought to negotiate with the protocol in an off-chain message, saying, “We want to make this easy on all those affected. No intention of keeping what is not ours. Setting up secure communication. Let us come to an agreement.” Euler Finance agreed.
Related: Euler Attack causes locked tokens and losses in 11 DeFi protocols including Balancer
The protocol had previously demanded that the hacker return 90% of the stolen funds within 24 hours or face legal action. No response was received within the time frame. As an incentive, Euler Finance offered a $1 bounty for any information that would lead to the attacker’s capture.
Other transactions made by the hacker included the transfer of 1,000 nETH, worth approximately $1.65 Million, through a sanctioned crypto mixer called Tornado Cash. According to PeckShield, a blockchain analytics firm, approximately 100 Ether were sent to a wallet address believed to belong to one of the victims. This wallet address then sent an on-chain message pleading with the hacker for the return of their “life savings.”