Ethereum-based noncustodial lending protocol Eurler finance faced a flash loan attack on March 13, with the attacker managing to steal millions in Dai, USD Coin, staked Ether (StETH) and wrapped Bitcoin (WBTC).
According to on-chain data, as per the last update, the exploiter carried out multiple transactions, stealing nearly $196 million. The ongoing attack has already become the largest hack of 2023. The breakdown of stolen funds is as follows:
According to another crypto analytic firm Meta Seluth, the attack correlates with the deflation attack one month ago. The attacker used a multichain bridge to transfer the funds from the BNB Smart Chain to Ethereum and launched the attack today.
Euler Finance acknowledged the exploit and said they are currently working with security professionals and law enforcement to resolve the issue.
ZachXBT, another prominent on-chain sleuth of the crypto world, pointed out that the movement of funds and the nature of the attack seems quite similar to blackhats that exploited a BSC-based protocol last month. They were exploiting some random protocol on BSC a few weeks ago and then the funds were deposited to Tornado.
Euler Finance raised $32 million in a funding round last year that saw participation from the likes of FTX, Coinbase, Jump, Jane Street and Uniswap.
Euler Finance became quite popular for offering liquid staking derivatives (LSDs) services. LSDs are a relatively new type of token that enables stakers to augment potential returns by unlocking liquidity for their staked cryptocurrency, such as ETH. Currently, LSDs make upto 20% of total value locked in centralized finance protocols.