UK-based crypto startup Euler Labs has fallen victim to a devastating cyber-attack, resulting in the theft of nearly $200 million from its DeFi lending protocol. The company offers a DeFi protocol on the Ethereum blockchain, allowing users to lend and borrow a wide range of crypto assets.
The attack, which occurred recently, exploited a vulnerability in Euler Labs’ code, enabling hackers to make off with approximately $199 million in various digital currencies. Among the stolen assets were USDC ($34.1 million), Dai ($8.8 million), Wrapped Bitcoin ($18.9 million), and Staked Ether ($137.1 million), as reported by blockchain analysis firm Elliptic.
According to Elliptic, the attackers utilized a technique known as a “flash loan attack,” where they borrowed large sums of uncollateralized crypto from a DeFi service to manipulate the market and other DeFi platforms in their favor. The stolen funds are currently being laundered through Tornado Cash, a decentralized mixer sanctioned by the US government.
Elliptic traced the funds used in the attack back to a Monero wallet. Despite Monero being a privacy coin with no public ledger of transactions, Elliptic’s investigation tools were able to track the funds involved in the cyber-attack.
In response to the breach, Euler Labs took immediate action to contain the attack and enlisted the help of blockchain intelligence firms Chainalysis and TRM Labs, as well as the Ethereum security community, in an effort to recover the stolen funds. The company also cooperated with law enforcement agencies in the UK and the US and even reached out to the attackers in hopes of gathering more information.
Euler Labs emphasized that the vulnerability in its lending protocol had not been detected during previous audits conducted by security groups. Despite undergoing external audits and having a $1 million bug bounty program in place, the vulnerability went unnoticed for eight months until it was exploited in the recent attack.
The incident serves as a stark reminder of the risks associated with DeFi platforms and the importance of thorough security measures in the rapidly evolving cryptocurrency space. Euler Labs is now focused on strengthening its security protocols and working to prevent future attacks on its DeFi protocol.