Hacker behind Euler Finance breach sent $2.5 million to Tornado Cash

The attacker, who breached the DeFi protocol Euler Finance, routed 1,800 ETH through the crypto mixer Tornado Cash (~$2.49 million at the time of writing). This is evidenced by BlockSec analysts’ on-chain activity ончейн-активность.

On March 13 the hacker exploited a flaw in the flash-loan mechanism, by posting unsecured collateral. As a result of a smart contract error, he managed to liquidate the debt and withdraw cryptocurrency worth $196 million.

Subsequently the Euler team disabled the vulnerable EToken protocol and notified law enforcement authorities in the United States and the United Kingdom about the hack. The project also turned to analytics firms Chainalysis and TRM Labs for assistance in the investigation.

The platform offered the hacker the return of 90% of the stolen funds. Otherwise Euler pledged a $1 million reward for any information leading to the arrest of the attacker.

After transferring part of the funds to Tornado Cash, some users on social media speculated that ‘the chances of recovery are 0.00000000000000001%’.

exploit address -> phishing scam address -> tornado cash

Chances of recovery now sitting at 0.0000000000000001% https://t.co/xzJQ9lmInL

— Milkyway (@milkyway16eth) March 16, 2023

However BlockSec’s head of security Matthew Jiang считает that the Tornado Cash transaction will not determine the ultimate fate of the stolen cryptocurrency.

“The amount laundered to date bears no direct relation to whether the attacker will return 90% of the assets Euler requested. The hacker will send them back if he wishes, but may change his mind,” he noted.

After the incident, an unknown user requested the hacker to return ‘vital savings’ amounting to 78 ETH. Ultimately the attacker sent 100 ETH to his victim. Back in March, the address moved 2250 ETH to Tornado Cash after 647 days of inactivity.