Image default

This Is How A Hacker Stole Roughly $200 Million From Euler Finance, A DeFi Protocol

Euler Finance, a decentralized finance (DeFi) lending protocol on Ethereum, has lost approximately $200 million through a flash loan hack. This loss makes it the biggest DeFi hack in 2023.

Euler Finance’s $200 Million Exploit

On Mar. 13, 2023, Euler Finance confirmed that it had suffered an attack, resulting in approximately a $200 million loss. The protocol is now working with law enforcement and security professionals.

To execute the hack, the attacker targeted four tokens: DAI, an algorithmic stablecoin; wrapped-Bitcoin (WBTC); staked-Ethereum (sETH); and USDC, a fiat-backed stablecoin. In recent months, Euler Finance has become popular for offering liquid staking derivatives (LSD) services. Notably, it comes ahead of the Shanghai-Capella upgrade on Ethereum, a smart contract platform. 

Ethereum Price On March 13| Source: ETHUSDT On Binance, TradingView

According to Dedaub, a smart contract auditing service provider, the attacker used flash loans from Aave, a non-custodial lending protocol, to carry out the attack. Ahead of this, funds were first bridged from BNB Smart Chain (BSC) before it was deployed to break Euler Finance.  

In a flash loan attack, the attacker borrows a large token amount without collateral, typically using a flash loan. Afterward, they use that loan to manipulate other tokens’ value in a pool, in most cases driving down the price of the target asset. With this, they can buy that token at a lower price and quickly sell it back for a profit once the price recovers.

The Flash Loan Attack 

In Euler Finance’s case, the flash loan was leveraged in two instances forcing massive liquidations. Specifically, the attacker tricked the protocol into falsely assuming it held a low amount of eToken, a collateral token issued by Euler based on whichever token is deposited on the protocol.

They then borrowed 10x the deposited amount from Euler, receiving 195.6 million eDAI and 200 million dDAI.

This type of exploit is known as a liquidity attack. It’s also one of the most common types of DeFi hacks.

Essentially, attackers manipulate the protocol’s liquidity calculations, which allows the attacker to borrow more funds than they should be able to, leading to massive losses for the protocol and its users.

The Euler hack is the latest in many DeFi exploits that have plagued the industry recently. According to blockchain analytics firm Chainalysis, over $3 billion was stolen from DeFi protocols via hacks or exploits in 2022 alone.

DeFiLlama data shows hackers stole over $20 million in February 2023. Among those targeted include Orion, dForce network, and Platypus Finance.

In February, the dForce network lost $3.65 million, while Platypus Finance was hacked for over $8 million.

Feature Image From Canva, Chart From TradingView

Source link

Related posts

WTF! CeFi platform CoinFLEX wants to raise $47M to cover Roger Ver’s bad loan

Anders Olsen

MakerDAO Revenue Experiences A Major Drop, Here’s Why

Anders Olsen

1inch Foundation Allocates 10 Million Tokens To The Delegation Incentive Program

Anders Olsen

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy