Euler Readies $1M Bounty on Crypto Hacker Who Stole $200M

DeFi lending protocol Euler has warned its hacker to return most of the stolen crypto or else face a $1 million bounty

article-image, modified by Blockworks


Euler Finance intends to put out a $1 million bounty on the hacker who stole nearly $200 million from the DeFi platform earlier this week — unless they return nearly all of it.

“If 90% of the funds are not returned within 24 hours, tomorrow we will launch a [$1 million] reward for the information that leads to your arrest and the return of all funds,” Euler wrote in an on-chain message to the hacker.

The bounty message followed a separate on-chain note sent on Monday: “We understand that you are responsible for this morning’s attack on the Euler platform. We are writing to see whether you would be open to speaking with us about any potential next steps.”

Earlier on Monday, hacker(s) had executed what’s known as a flash loan attack. These involve rapidly borrowing and returning crypto within one block while exploiting a smart contract vulnerability to receive an unintended amount of crypto.

In Euler’s case, the attack saw around $197 million siphoned from its Ethereum-powered lending protocol — mostly wrapped staked ether along with smaller amounts of USDC, wrapped bitcoin, wrapped ether, DAI and lido staked ETH.

Independent researcher ZachXBT tweeted that he was certain the attack was conducted by malicious hackers, “as they were exploiting some random protocol on [Binance Smart Chain] a few weeks ago” with funds deposited to Tornado Cash.

Euler states on its website that it had partnered with six security firms, but it appears those protections weren’t enough.

The vulnerability lay within the “donateToReserve” function in the Euler Pool contracts, according to blockchain security firm CertiK.

This function is said to lack proper checks of the liquidity collateralization status, with the result being that users could willingly abandon a portion of the leveraged deposit, which would leave the pool insolvent.

“With assets borrowed from the flash loan, the attacker first created a highly leveraged insolvent position through the unique ‘mint’ function of the Euler lending protocol as well as the vulnerable ‘donateToReserves’ function within Euler’s pool contracts,” CertiK said. 

“The attacker then liquidates their position in the same transaction to gain a large amount of derivative eTokens before draining the pool through withdrawal. The attacker repeatedly calls the attacks on multiple Euler Pools to drain all of them.”

Don’t miss the next big story – join our free daily newsletter.


Upcoming Events

Hilton Metropole | 225 Edgware Rd, London

Mon - Wed, March 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience: Attend expert-led panel discussions and fireside chats Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts.

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Top Icon.png


Osmosis thrived in H2 2023 on the back of increased DeFi activity deriving from recently launched Cosmos-related projects and better market conditions. With new value accrual mechanisms for the native token, Osmosis is well-positioned to continue its strong performance in 2024.



Though the opposing flow trend is likely to slow over time, industry watchers note, bitcoin fund assets could one day eclipse the $90 billion gold ETF space


Celestia had the first mover advantage. EigenDA has staked ether. What sets Avail apart?


Bitcoin moved 1% higher Monday morning in New York, Matrixport analysts say $62,000 could happen next month


It’s hard to believe right now that crypto — even with all of its flexibility and massive capabilities — could ever be like cash on the internet


Michael Saylor announced Monday morning that MicroStrategy bought 3k more bitcoin after the X account was compromised over the weekend


Plus, Pudgy Penguins grows its brand and a group of Autoglyphs sell for $14.5 million