• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

UK Crypto Firm Loses $200m in Cyber-Attack

You are here: Home / General Cyber Security News / UK Crypto Firm Loses $200m in Cyber-Attack
March 14, 2023

UK crypto startup Euler Labs has suffered a devastating cyber-attack, in which risk actors managed to steal close to $200m from its DeFi lending protocol.

The organization gives a DeFi protocol on Ethereum that it statements makes it possible for customers to lend and borrow nearly any crypto asset.

However, yesterday hackers managed to exploit a vulnerability in its code which enabled them to steal all around $199m in numerous digital currencies: USDC ($34.1m), Dai ($8.8m), Wrapped Bitcoin ($18.9m) and Staked Ether ($137.1m), in accordance to blockchain analysis firm Elliptic.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“Flash mortgage attacks entail having out large, small-time period uncollateralized crypto financial loans from a DeFi assistance, and employing the massive sums include to manipulate the marketplace and other DeFi products and services in their favor,” the business explained.

“The proceeds of the attack are previously currently being laundered by means of Tornado Dollars, a decentralized mixer that has been sanctioned by the US govt.”

Browse much more about current crypto theft here: Record $3.8bn Stolen By using Crypto in 2022

Elliptic stated the cash employed to have out the attack arrived from a Monero wallet. Whilst Monero is a personal coin which doesn’t have a public ledger of transactions related with it, it is possible to keep track of these money utilizing Elliptic’s investigation equipment, the agency explained.

For its portion, Euler Finance reported it quickly took motion to attempt and include the attack and engaged blockchain intelligence corporations Chainalysis and TRM Labs, as properly as the Ethereum security community, to test and get better the stolen resources.

The startup also shared info with UK and US law enforcers and even contacted its attackers “to see if we could possibly discover more about our options.”

Euler Labs was also rapid to issue out that auditors had not managed to place the vulnerability in earlier analyses of its lending protocol.

“Euler Labs works with different security groups to carry out audits of the Euler Finance protocol. Although the susceptible code was reviewed and authorised during an exterior audit, the vulnerability was not identified as aspect of the audit,” it claimed.

“The vulnerability remained on-chain for eight months right up until it was exploited today, even with a $1m bug bounty getting in place all through that time.”


Some areas of this report are sourced from:
www.infosecurity-journal.com

Previous Post: «Cyber Security News MI5 Launches New Agency to Tackle State-Backed Attacks
Next Post: Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily microsoft warns of large scale use of phishing kits to send»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Free decryptor released for Conti ransomware variant infecting hundreds of organisations
  • Bitwarden to release fix for four-year-old vulnerability
  • THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
  • New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
  • A New Security Category Addresses Web-borne Threats
  • ICO Reprimands Metropolitan Police for Data Snafu
  • Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware
  • Russian Military Preparing New Destructive Attacks: Microsoft
  • Podcast transcript: The changing face of cyber warfare
  • Vishing Campaign Targets Social Security Administration

Copyright © TheCyberSecurity.News, All Rights Reserved.