1. Home
  2. Flash loan attack

Flash loan attack

Crypto Hacks and Scams Cost $300 Million in August

Crypto Hacks and Scams Cost 0 Million in AugustIn August, approximately $310.9 million was lost to exploits, hacks, and scams. However, digital assets worth $10.3 million were recovered, resulting in a net loss of $300.6 million. According to the security firm Certik, this is the second-highest monthly loss in 2024 so far. While May had the highest exploit total loss of just over […]

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

US Justice Department on the hunt for DeFi hackers and thieves: Report

The US Justice Department’s top crypto cop said that it was a “pretty significant issue” given the rise of North Korean “state-sponsored hackers.”

The United States Justice Department’s crypto enforcement team is cracking down on Decentralized Finance (DeFi) hackers and exploiters, amid a four-year rise in illicit crypto activity.

In a Financial Times report published on May 15, Eun Young Choi, director of the U.S. Department of Justice (DOJ) national cryptocurrency enforcement team (NCET), stated that the department is focusing on thefts and hacks involving DeFi and “particularly chain bridges.”

Choi said it was a “pretty significant issue” for the DOJ given North Korean “state-sponsored hackers” have emerged as “key actors in this space.”

North Korean hackers stole an estimated range of between $630 million to more than $1 billion of crypto assets in 2022, Cointelegraph reported in February.

The DOJ announced Choi – a prosecutor with nearly a decade of experience in the DOJ — as the first director of the NCET in February 2022.

At the time, a statement from the department explained that the NCET will serve as a “focal point” for the DoJ in tackling cryptocurrency, cybercrime, money laundering, and forfeiture.

While the DOJ highlighted that “mixing and tumbling services” would be a particular focus for the agency, it did not specifically mention anything in regard to DeFi platforms at the time.

Choi, who also recently spoke at the Financial Times Crypto and Digital Assets Summit, reaffirmed that the DOJ is after crypto firms that either commit the crime or turn a blind eye to "obscure the trail of transactions." She noted:

“The DoJ is targeting companies that commit crimes themselves or allow them to happen, such as enabling money laundering.”

She explained that by going after the source, the platform itself, it will have a “multiplier effect” in terms of stopping “criminal actors to easily profit from their crimes.”

Choi further emphasized the “scale and the scope of digital assets being used in a variety of illicit ways” has grown significantly over the last four years.

Related: DeFi sees its biggest hack in 2023 as Euler loses $197M: Finance Redefined

DeFi platforms have experienced a string of attacks in recent times.

Decentralized Finance Total Value Locked (TVL). Source: DappRadar

The biggest DeFi hack so far this year was reported on March 13, with Euler Finance facing a flash loan attack with over $196 million in DAI, USDC, staked Ether (StETH) and Wrapped Bitcoin (WBTC) stolen.

Meanwhile, in November 2022 DeFi trading platform Mango Markets saw an exploiter allegedly take advantage of their low liquidity to “drain funds.”

Essentially the hacker deposited $5 million of his own money into the platform to drive up the price of MNGO from $0.03 to $0.91 to increase their MNGO holdings to $423 million.

From there, the exploiter was able to acquire a loan for $116 million using several tokens on the platform, including Bitcoin (BTC), Solana (SOL) and Serum (SRM), as a result, the loan eliminated the entire liquidity of Mango Markets.

Magazine: DeFi abandons Ponzi farms for ‘real yield’

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

Allbridge to first begin repaying stuck bridge users after recouping funds

The compensation process is expected to start next week, starting with users who had funds on the bridge “shortly before the shutdown.”

Users with funds stuck on the multichain token bridge provided by Allbridge are first in line to receive compensation under a recovery plan posted by the project following a recent exploit. 

In an April 5 statement, Allbridge said it has already started a compensation process for users despite only “partly recovering funds” after it was hacked for roughly $573,000 on April 1.

“We will start with the bridge users whose transactions got stuck in pending due to the emergency shutdown,” Allbridge said, adding it will then compensate its liquidity providers (LPs).

“We aim to fully compensate those victims of the exploit with funds available to us,” it wrote.

It noted that it enabled LPs to withdraw funds on April 2, with the majority withdrawing their assets from the pool. Some, however, could withdraw even more “due to the pool’s disbalance.“

Others could not withdraw “a reasonable amount” from the liquidity pool due to some users withdrawing more than their original balances and the hack’s impact on the pools.

An application form is currently being drafted for LPs who could not withdraw their assets, allowing them to apply for compensation and provide details of their losses.

The form is anticipated to be completed within the next two days. The compensation process is expected to commence next week, starting with users who “have used the bridge shortly before the shutdown.”

“All the affected parties by the exploit will be subject to additional rewards in the future, but compensation remains our main priority.”

The compensation plan comes after Allbridge tweeted on April 3 that 1,500 BNB (BNB), worth approximately $465,000, was returned to the project following a public proposal made to the hacker in an April 1 tweet.

Related: Allbridge to become the first token bridge for the Stacks token 

The protocol’s exploiter seemingly accepted Allbridge’s offer of a “white hat bounty,” where they could keep a portion of the stolen funds in exchange for an assurance that no legal action would be taken.

Meanwhile, Ethereum-based noncustodial lending protocol Eurler Finance announced on April 4 that it recovered most of the $196 million stolen in a March 13 flash loan attack following successful negotiations.

The attacker managed to steal millions worth of Dai (DAI), USD Coin (USDC), staked Ether (stETH) and wrapped Bitcoin (WBTC) in the largest hack of 2023 so far.

Magazine: Crypto winter can take a toll on hodlers’ mental health

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

Euler Finance to enter talks with exploiter over the return of funds

The flash loan exploiter claims they have “no intention of keeping what is not ours” and wants to “come to an agreement” with Euler Finance.

Ethereum-based lending protocol Euler Finance could be a step closer to recovering funds stolen in a $196 million flash loan attack last week, with private discussions now initiated with the exploiter.

In an on-chain message to Euler on March 20, days after sending funds to a red-flagged North Korean address, the exploiter claimed they now want to “come to an agreement” with Euler.

“We want to make this easy on all those affected. No intention of keeping what is not ours. Setting up secure communication. Let us come to an agreement,” said the exploiter.

The hacker’s most recent public on-chain message to Euler. Source: Etherscan

Hours later, Euler replied with its own on-chain message, acknowledging the message and asking the exploiter to talk “in private,” stating:

“Message received. Let's talk in private on blockscan via the Euler Deployer address and one of your EOAs, via signed messages over email at contact@euler.foundation, or any other channel of your choice. Reply with your preference.”

Euler’s latest public on-chain message to the hacker. Source: Etherscan

Euler had previously tried to cut a deal with the exploiter after the exploit, insisting that they return 90% of the funds they stole within 24 hours or potentially face legal consequences.

There was no response, and 24 hours later, Euler launched a $1 bounty reward for any information that could lead to the exploiter’s arrest and return of the funds.

Related: Euler attack causes locked tokens, losses in 11 DeFi protocols, including Balancer

While the identity of the exploiter is not known, the recent language used by the exploiter could suggest more than one person is involved.

In a March 17 tweet, blockchain analytics firm Chainalysis said the recent 100 Ether (ETH) transfer to a wallet address associated with North Korea could mean the hack is the work of the “DPRK” — the Democratic People’s Republic of Korea.

However, this could also be an attempt to intentionally misdirect investigators, the firm said.

Other transactions from the exploiter’s wallet address include 3000 ETH, which was sent back to Euler Finance on March 18, along with funds sent to crypto mixer Tornado Cash and even an apparent victim of the exploit. 

On March 20, another address reached out to Euler on-chain, claiming to have found a “solid string of connections” that could help them find out who and where the exploiter was.

Cointelegraph reached out to the Euler Foundation for comment but did not receive an immediate response.

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

Euler hacker seemingly taking their chances, sends funds to crypto mixer

Before the move, the hacker apparently refunded at least one victim, leading to a slew of on-chain messages from other purported victims.

The hacker responsible for the $196 million attack on Euler Finance has begun moving funds into crypto mixer Tornado Cash, only hours after a $1 million bounty was launched to uncover the hacker's identity.

Blockchain analytics firm PeckShield tweeted on March 16 that the exploiter behind the flash loan attack on the Ethereum noncustodial lending protocol was “on the move.”

The exploiter transferred 1,000 Ether (ETH), approximately $1.65 million, through sanctioned crypto mixer Tornado Cash.

It comes only hours after Euler Labs tweeted it's launching a $1 million reward for information leading “to the Euler protocol attacker’s arrest and the return of all funds.”

Just a day earlier, Euler sent an on-chain message to the exploiter's address on March 14 warning it would launch a bounty “that leads to your arrest and the return of all funds” if 90% wasn't returned within 24 hours.

The movement of the funds to the crypto mixer could indicate that the hacker is not being swayed by Euler's amnesty offer. 

Peckshield noted that around 100 ETH, worth $165,202 at the time of writing, was sent to a wallet address that is likely owned by one of the victims. An on-chain message sent by the wallet address had earlier pleaded for the attacker for the return of their "life savings."

This led to a slew of other victims sending messages to the address in hopes of also getting their funds returned.

Related: Euler attack causes locked tokens, losses in 11 DeFi protocols, including Balancer

One message stated they “are twenty-six families from jobless rural areas,” who lost “a million USDT in total,” adding their share of funds in the protocol was the “life-savings from our past decades of work in factories.”

Another apparent victim messaged the attacker congratulating them on the “big win” and said they invested funds into Euler they “desperately needed” for a house.

“My wife is going to kill me if we can’t afford our house [...] Is there anyway [sic] you can help me? I have no idea what to tell my wife,” they wrote.

According to on-chain data, the $196 million stolen from Euler consisted of Dai (DAI), USD Coin (USDC), staked ETH and wrapped Bitcoin (WBTC).

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

Polygon-Based Decentralized Exchange Quickswap Loses $220K in Flash Loan Exploit

Polygon-Based Decentralized Exchange Quickswap Loses 0K in Flash Loan ExploitOn Monday, the Polygon-based decentralized exchange (dex) Quickswap lost $220K in a flash loan exploit and following the attack, the team detailed the Quickswap Lend platform will be terminated. Quickswap Hacked for $220K, Dex Project Sunsets Lending Platform 2022 has been quite the year for decentralized finance (defi) hacks as billions have been stolen due […]

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

Bored Ape Yacht Club’s Apecoin DAO Airdrops Millions of Apecoins to NFT Owners

Bored Ape Yacht Club’s Apecoin DAO Airdrops Millions of Apecoins to NFT OwnersDuring the last 24 hours, the cryptocurrency community has been discussing the launch of a new token called apecoin (APE), released by the newly-formed Apecoin DAO. At launch, the token exchanged hands for $10.36 per coin, but dropped more than 40% to $6.21. Since the token’s all-time low and Bored Ape Yacht Club (BAYC) owners […]

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

Binance Smart Chain Faces yet Another Flash Loan Attack: Belt Finance Loses $6.3 Million

Binance Smart Chain Faces yet Another Flash Loan Attack: Belt Finance Loses .3 MillionBelt Finance, a Binance Smart Chain-based decentralized lending protocol, lost $6.3 million in a flash loan attack last week. The attackers took advantage of a series of inefficiencies in the smart contract to manipulate the price of the set and obtain profit from a series of transactions. This is just the last of a series […]

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

BSC Defi Protocol Burgerswap Loses $7.2 Million from a Flash Loan Attack

BSC Defi Protocol Burgerswap Loses .2 Million from a Flash Loan AttackAnother Binance Smart Chain project has been hit with a flash loan attack according to a post mortem written by the Burgerswap team. The project’s official Twitter account said at around 3 a.m. on Friday, Burgerswap suffered from a flash loan attack with the hackers stealing $7.2 million in funds. Binance Smart Chain Defi Protocol […]

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy

Flash Loan Attacks Drain 2 Binance Smart Chain Defi Projects for $6 Million

Flash Loan Attacks Drain 2 Binance Smart Chain Defi Projects for  MillionThere have been two back-to-back flash loan attacks in a short period of time stemming from two unique Binance Smart Chain decentralized finance (defi) projects. Last Wednesday, the yield-farming platform Pancakebunny lost close to $3 million in a flash loan attack according to reports. The following Sunday, Bogged Finance saw $3 million exploited from a […]

Former Binance.US CEO Brian Brooks takes board seat at MicroStrategy