Euler Labs, the UK-based cryptocurrency startup recently suffered a massive cyberattack that involved threat operators stealing close to $200 million from its dedicated DeFi lending protocol. The company provides the DeFi protocol for Ethereum and claims that it enables users to either borrow or lend almost any cryptocurrency asset.
Code vulnerability exploited
A recent report detailed how threat actors were successfully able to exploit a known vulnerability within the DeFi lending protocol’s code. This enabled the hacking group behind the attack to steal approximately $199 million in a diverse range of digital currencies. According to Elliptic, the blockchain analysis company this broke down as follows – 34.1 million in USDC, $8.8 million in Dai, $18.9 million in Wrapped Bitcoin and $137.1 million in Staked Ether.
“Flash loan attacks involve taking out large, short-term uncollateralised crypto loans from a DeFi service, and using the large sums involved to manipulate the market and other DeFi services in their favour. The proceeds of the attack are already being laundered through Tornado Cash, a decentralised mixer that has been sanctioned by the US government.”
The blockchain analysis firm added that the funds that were employed to carry out the cyberattack on Euler Lab originated from Monero cryptocurrency wallet. While Monero is classified as a private coin which does not have a public ledger of detailed transactions connected with it, using the advanced investigation tools of Elliptic, it is still possible to track down these funds.
Cryptocurrency is notoriously difficult to recover and trace. As a result, it has become a favoured payment method for many threat operators, especially ransomware gangs.
Actions following a cyber attack
In response to the recent attack, Euler Finance has commented that it took immediate action to attempt to contain the devastating attack. On detecting the event, it instantly engaged two blockchain intelligence companies, TRM Labs and Chainalysis. It also reached out to the Ethereum security community, with the aim of trying to recover the funds stolen.
Additionally, the UK startup has also shared data concerning the attack with law enforcement agencies both here in Britain and in the United States. It has also made attempts to contact those responsible for the attack to try and learn if there were other options open to it regarding the situation and mitigation of its impact.
Regarding the weakness in its solution, Euler Labs was also eager to draw attention to the fact that expert auditors had failed to identify the critical vulnerability in their previous analyses of the DeFi lending protocol.
The startup explained:
“Euler Labs works with various security groups to perform audits of the Euler Finance protocol. While the vulnerable code was reviewed and approved during an outside audit, the vulnerability was not discovered as part of the audit.”
Euler Labs added that the known critical vulnerability had remained on-chain for a period of eight months before being successfully exploited, despite there being a $1 million bug bounty associated with it during that time.