Euler Finance exploiter has returned 3,000 ETH worth $5.4m to the DeFi protocol, indicating the platform may have reached a deal with the hacker.
Exploiter returns stolen Euler funds worth $5.4m
The Euler Finance exploiter on Mar. 18 returned about 3,000 ETH ($5.4m) to the platformโs deployer address. Blockchain investigator PeckShield identified three transactions used to send funds.
Euler Finance was hacked on Mar. 13 in aย flash loan attackย where the exploiter made away with $197m.
The funds were stolen over four transactions of $136m staked ether (stETH), $34m USDC, $19m wrapped bitcoin (WBTC), and $8.7m DAI.
The attacker manipulated the protocolโs internal markets via a flash loan, draining their treasury.
Later, the exploiter moved 1,100 ETH ($1.8m) to the crypto mixer Tornado Cash toย launderย stolen funds.
The protocol on Mar. 14 offered the exploiter a 10% bounty to return 90% of the stolen funds.
However, it warned that if the funds were not returned within 24 hours, it would launch a $1m reward for information that would lead to their arrest and the return of all funds.
Exploiter sends funds to Lazarus Group
The attacker, on Mar. 17, sent 100 ETH ($170,500) to a wallet associated with Lazarus Groupโs Ronin, a North Korean hacking group, according toย Lookonchain.
It is unclear whether Lazarus Group is an accomplice or connected to the Euler Finance exploiter.
The U.S. Treasury Department addedย Lazarus Groupย to its list of designated entities in April 2022.
Whether the attacker plans to return the rest of the funds remains unknown.
