Crypto Company Loses $200m To Hackers

The British crypto lending protocol firm Euler Finance has suffered a loss of almost $200m on March 13, following a flash-loan attack. The firm provides a DeFi protocol on Ethereum that it claims allows users to lend and borrow almost any crypto asset. 

DeFi protocols are codes, procedures and rules which govern the systems used in DeFi and enable crypto investors  trade, lend, stake tokens, amongst other actions. 

Flash-loan attacks involve taking out large, short-term uncollateralised crypto loans from a DeFi service and using the large sums involved to manipulate the market and other DeFI services. 

The crypto assets taken in the hack include the stablecoins USDC ($34.1M) and Dai ($8.8M), as well as Wrapped Bitcoin ($18.9M) and Staked Ether ($137.1M). The price of Euler’s crypto token fell dramatically following the news of the attack.

Funds used to perpetrate the attack originated from a Monero wallet. Monero is an example of a type of crypto-currency known as a "privacy coin", which unlike bitcoin does not have a clear public ledger of transactions. Euler have communicated with the attacker, by sending on-chain messages to the Ethereum account holding the stolen assets saying that if 90% of the funds are not returned within 24 hours they will launch a $1million reward for information leading to an arrest and the funds return.

A subsequent analysis of this attack revealed that a flaw in one of Euler Finance's smart contracts was exploited to steal the assets and the proceeds of the attack are already being laundered through Tornado Cash, a decentralised mixer that has been sanctioned by the US government.

Euler said it stopped the attack “as soon as possible” by disabling the EToken module, which “blocked deposits and the vulnerable donation function”. Euler also said it had shared details with US and British  law enforcement.

Euler Finance:   Elliptic:    CoinDesk:    Defiant.io:   Infosecurity Magazine:   Silicon Republic    Techcrunch:   

Yahoo:  

You Might Also Read:

Standing On The Cryptocurrency Frontier:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« TikTok Is Banned From British Government Phones
Turning The Tables On Tomorrow's Threat Agent  »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

Combitech

Combitech

Combitech is the Nordic region’s leading cyber security consultancy firm, with about 260 certified security consultants helping companies and authorities prevent and manage cyber threats.

First National Technology Solutions (FNTS)

First National Technology Solutions (FNTS)

First National Technology Solutions is a leading provider of flexible, customized hosted and remote managed services including IT security and compliance.

PRESENSE Technologies

PRESENSE Technologies

PRESENSE Technologies specializes in monitoring and enforcing IT security policies at critical points in the network and on end systems.

SMiD Cloud

SMiD Cloud

SMiD encryption technology has been developed following the highest security practices to allow the data availability, integrity and confidentiality.

Cyber Security Audit Corp (C3SA)

Cyber Security Audit Corp (C3SA)

C3SA specializes in architecting, operating, managing and improving defensible and resilient IT infrastructures for Canada's public and private sectors.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center is dedicated to combating adversaries who desire to harm our citizens, our government, and our industry through cyber-attacks.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

Panther Labs

Panther Labs

Panther’s mission is to make security monitoring fast, flexible and scalable for all security teams.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Rimstorm

Rimstorm

Rimstorm’s mission is to significantly improve the security of your data using award-winning, state-of-the-art technology combined with cyber managed security services.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

Pulsant

Pulsant

Pulsant is the UK’s premier digital edge infrastructure company providing next-generation cloud, colocation and connectivity services.