Exploiter Returns 90% of “Recoverable Funds” to Euler Finance

The person behind the $200 million exploit of decentralized lending platform Euler Finance has returned the last “recoverable funds” 23 days after they were stolen, the project said via Twitter on 4 April.

According to on-chain data, the attacker returned the remaining sum of $31 million — which was comprised of 10,580 ETH ($19 million) and $12 Million in DAI — over three separate transactions late on Monday. With these final transactions, the total value of assets returned by the attacker are a little over $177 million, which is 90% of the expected recoverable funds when considering the 10% bounty offered by Euler Finance.

The move marks a rare positive ending in the DeFi space, where large-scale exploits have become a common occurrence. Euler’s troubles began on 13 March, when an attacker carried out multiple transactions leveraging flash loans to steal around $197 million worth of crypto assets. The platform quickly offered the attacker a 10% bounty if he was willing to return the assets, and warned it would initiate a $1 million reward for any information that might lead to his arrest.

The recovery process began on 18 March, when the attacker decided to return around $5.4 million to the platform, and then continued to return the stolen crypto assets at variable intervals. The individual also attached messages to several blockchain transactions, seemingly apologizing about the exploit, and promising to return the remaining funds as soon as possible.