The hacker who stole $197 million from Ethereum-based noncustodial lending protocol Euler Finance has returned approximately 3,000 Ether worth $5.4 million. The assets were transferred from the hacker’s address to Euler Finance’s deployer address on 18 March.
PeckShield, a blockchain investigator, identified three transactions that were used to move the funds and shared the details on Twitter.
The recent attack on Euler Finance, which stole $197 million, has been dubbed the biggest decentralized finance (DeFi) hack of 2023 so far.
However, this may not last long because the hacker reportedly changed his mind. The hacker was able to drain all the assets through multiple transactions before transferring the funds from the BNB Chain to Ethereum via a multichain bridge.
The crypto analytic firm Meta Sleuth linked the attack to a deflation attack from a month ago. The hacker launched the attack by transferring funds from the BNB Smart Chain (BSC) to Ethereum via a multi-chain bridge.
On-chain security expert, ZachXBT, had pointed out that the fund movement from Euler Finance and the nature of the attack appear to be very similar to blackhats who exploited a BSC-based platform in February. The funds were transferred to Tornado Cash after a protocol on BSC was exploited previously.
There were rumors that the North Korea-based Lazarus group was behind the hack as the nature of stealth was strikingly similar.
Two days ago, Euler Finance announced a $1 million reward for capturing the hacker and returning the funds. The hacker transferred the stolen funds to the cryptocurrency mixer Tornado Cash shortly after the protocol announced the bounty.
To avoid jail time, Euler Finance demanded that the hacker should return 90% of the funds within 24 hours.
However, chances of the hacker returning the entire loot remain slim as no further outbound transactions were recorded so far.