Euler Finance Exploited for $197M in Flash Loan Attack

  • The attacker carried out multiple transactions to steal 85,818 staked ether (stETH), 34.5 million USDC, 849 wrapped Bitcoin (WBTC), and 8.9 million DAI.
  • Euler Finance is now working with security professionals and law enforcement trying to rectify the situation, and will provide more information in the near future.


Decentralized finance (DeFi) lending protocol Euler Finance became the victim of a flash loan exploit, which saw the attacker steal $197 million worth of crypto, security firms BlockSec and PeckShield said on 13 March.

According to on-chain data, the attack on the protocol began at 4:50 am ET, when the exploiter began to carry out multiple transactions to steal 85,818 staked ether (stETH), 34.5 million USDC, 849 wrapped Bitcoin (WBTC), and 8.9 million DAI. Euler Finance noted it is working with security professionals and more information will be released soon.

Crypto analytic firm Meta Sleuth observed that the exploiter used a multichain bridge to transfer funds from the BNB Smart Chain (BSC) to Ethereum before executing his attack today. ZachXBT also noted that the movement of funds and the way the attack was carried out were similar to how a BSC-based protocol was exploited last month.

On-chain data shows that the attacker borrowed more than $30 million worth of DAI from DeFi protocols Balancer and Aave, $20 million of which were sent to Euler in exchange 19.5 million of eDAI (a collateral token). He then borrowed ten times the deposited amount from Euler — receiving 195.6 million eDAI and 200 million dDAI (debt token) — and then repaid a part of the debt using the remaining $10 million DAI from Balancer and Aave. By repeating these steps the attacker was able to trick the protocol into falsely assuming it owed more to depositors than it held.

Loading comments...
Related Coverage
Unibot to Compensate Users Affected by Exploit
  • Popular Telegram bot Unibot, which is used to snipe trades on Uniswap, became a victim of a token approval exploit earlier today, when it was switching to a new router.
  • After confirming the exploit, Unibot assured users that their keys and wallets were safe, and that the project will compensate all affected users.
October 31, 2023, 3:01 PM


Balancer Exploited After Giving Warning
  • DeFi protocol Balancer confirmed it was exploited almost a week after disclosing a critical vulnerability affecting several of its boosted pools.
  • The platform did its best to mitigate some of the risks but was unable to pause the affected pools, and an estimated $980,000 in DAI were stolen in an attack.
Zunami Protocol’s Stablecoin Pools Exploited, Suffers $2.1M Loss
  • DeFi yield aggregator Zunami Protocol confirmed that a hacker had attacked its “zStables” pools on Curve Finance using a price manipulation exploit.
  • Security firm PeckShield has estimated that over $2.1 million was lost during the attack, while SlowMist said it had informed Zunami of the vulnerability two months ago.