A non-custodial DeFi protocol on the Ethereum network, Euler suffered a flash loan attack that allowed an attacker to steal nearly $197 million worth of tokens including Dai, USDC, stETH, and wBTC.
The attack is listed as the largest cyberattack of 2023, in which the attacker bolts silently the fund through multiple transactions.
The attack was also highlighted by the blockchain security firm, Peckshield.
According to it, the flawed logic in Euler’s smart contract for donation and liquidation. The loophole in the code allowed hackers to liquidate donation leads with the incorrect conversion rate.
Also Read: Norway Seizes $5.8M Worth Crypto From Axie Infinity Hack
Two attackers have leveraged two different DeFi tools to divert funds. The first one is the crypto exchange, Fixed Float, and the second one was identified as a crypto mixing platform, Tornado Cash. The second one allows users to camouflage their transactions by hiding traces.
As per the latest update, some of the transactions were made through a front-running bot that helped attackers to steal $8.8M DAI funds.