The recent attack that drained $197 million from Euler Finance was dubbed the biggest decentralized finance (DeFi) hack of 2023 so far. However, this may not hold for much longer as the hacker reportedly had a change of heart.
On March 18, roughly 3,000 Ether (ETH) ($5.4 million) were returned to Euler Finance’s deployer address from the Euler Finance hacker’s address. Blockchain investigator PeckShield identified three transactions that were used to send the funds.
https://t.co/4OBksAu9od pic.twitter.com/Zb3MIyex2f
— PeckShield Inc. (@peckshield) March 18, 2023
Cointelegraph confirmed that the hacker transferred 1,000 ETH per transaction to Euler’s deployer account. However, chances that the hacker will return the entire loot of $197 million remain slim, as no more outbound transactions were recorded at the time of writing.
On March 16, Euler Finance announced a $1 million reward to track down the hacker and retrieve the funds.
Today the Euler Foundation is launching a $1M reward in the hope that this provides additional incentive for information that leads to the Euler protocol attacker’s arrest and the return of all funds extracted by the attacker.
— Euler Labs (@eulerfinance) March 15, 2023
The exploiter was able to drain $197 million through multiple transactions and later used a multichain bridge to transfer the funds from the BNB Chain to Ethereum.
Related: Euler Finance hacked despite 10 audits in 2 years, says CEO
Soon after a $1 million bounty was announced, the stolen funds were moved into the crypto mixer Tornado Cash.
#PeckShieldAlert @eulerfinance exploiter on the move
~1,000 $ETH into Tornado Cash through intermediary address 0xc66d…c9ahttps://t.co/LAkY66YpoF pic.twitter.com/0XhQV1nbgn
— PeckShieldAlert (@PeckShieldAlert) March 16, 2023
Euler Finance demanded that the hacker return 90% of the funds within 24 hours to avoid possible jail time.