ICrypto

Hotest Blockchain News in First Media Index

This Is How A Hacker Stole Roughly $200 Million From Euler Finance, A DeFi Protocol

Euler Finance, a decentralized finance (DeFi) lending protocol on Ethereum, has lost approximately $200 million through a flash loan hack. This loss makes it the biggest DeFi hack in 2023.

Euler Finance’s $200 Million Exploit

On Mar. 13, 2023, Euler Finance confirmed that it had suffered an attack, resulting in approximately a $200 million loss. The protocol is now working with law enforcement and security professionals.

To execute the hack, the attacker targeted four tokens: DAI, an algorithmic stablecoin; wrapped-Bitcoin (WBTC); staked-Ethereum (sETH); and USDC, a fiat-backed stablecoin. In recent months, Euler Finance has become popular for offering liquid staking derivatives (LSD) services. Notably, it comes ahead of the Shanghai-Capella upgrade on Ethereum, a smart contract platform. 

Ethereum Price On March 13| Source: ETHUSDT On Binance, TradingView

According to Dedaub, a smart contract auditing service provider, the attacker used flash loans from Aave, a non-custodial lending protocol, to carry out the attack. Ahead of this, funds were first bridged from BNB Smart Chain (BSC) before it was deployed to break Euler Finance.  

In a flash loan attack, the attacker borrows a large token amount without collateral, typically using a flash loan. Afterward, they use that loan to manipulate other tokens’ value in a pool, in most cases driving down the price of the target asset. With this, they can buy that token at a lower price and quickly sell it back for a profit once the price recovers.

The Flash Loan Attack 

In Euler Finance’s case, the flash loan was leveraged in two instances forcing massive liquidations. Specifically, the attacker tricked the protocol into falsely assuming it held a low amount of eToken, a collateral token issued by Euler based on whichever token is deposited on the protocol.

They then borrowed 10x the deposited amount from Euler, receiving 195.6 million eDAI and 200 million dDAI.

This type of exploit is known as a liquidity attack. It’s also one of the most common types of DeFi hacks.

Related Reading: Trust Wallet Comes Clean On Rumors Regarding $4 Million ‘Hack’

Essentially, attackers manipulate the protocol’s liquidity calculations, which allows the attacker to borrow more funds than they should be able to, leading to massive losses for the protocol and its users.

The Euler hack is the latest in many DeFi exploits that have plagued the industry recently. According to blockchain analytics firm Chainalysis, over $3 billion was stolen from DeFi protocols via hacks or exploits in 2022 alone.

DeFiLlama data shows hackers stole over $20 million in February 2023. Among those targeted include Orion, dForce network, and Platypus Finance.

Related Reading: A Botched Heist: A Look At The Sloppy $8.5M Hack On Platypus Protocol

In February, the dForce network lost $3.65 million, while Platypus Finance was hacked for over $8 million.

Tags:
Share
 14.03.2023

Hotest Cryptocurrency News

End of content

No more pages to load

Next page