The Euler Finance exploiter has returned 3,000 ETH worth $5.4 million to the DeFi protocol, indicating that the platform may have struck a deal with the hacker.
Exploiter returns stolen Euler funds worth $5.4 million
The Euler Finance exploiter on March 18 returned around 3000 ETH ($5.4 million) to the address of the platform implementer. Blockchain researcher PeckShield identified three transactions used to send funds.
Euler Finance was hacked on March 13 in a flash loan attack in which the exploiter made off with $197 million.
The funds were stolen in four transactions of $136 million in ether (stETH), 34 million USDC, 19 million wrapped bitcoin (WBTC) and 8.7 million DAI.
The attacker manipulated the internal markets of the protocol through a quick loan, depleting its treasury.
The exploiter later transferred 1,100 ETH ($1.8 million) to cryptocurrency mixer Tornado Cash to launder the stolen funds.
The March 14 protocol offered the exploiter a 10% reward to return 90% of the stolen funds.
However, he warned that if the funds were not returned within 24 hours, he would issue a $1 million reward for information leading to his arrest and the return of all funds.
Exploiter sends funds to Lazarus Group
The attacker, on March 17, sent 100 ETH ($170,500) to a wallet associated with Ronin of Lazarus Group, a North Korean hacking group, according to lookonchain.
It is not clear if Lazarus Group is complicit in or connected to the Euler Finance exploiter.
The US Treasury Department added Lazarus Group to its list of designated entities in April 2022.
It is unknown if the attacker plans to return the rest of the funds.
