Euler Finance Exploited with Flash Loan Attack Resulting in Loss of $196 Million

Summary

On March 13, 2023, a flash loan attack targeted Euler Finance, a noncustodial lending platform on the Ethereum blockchain. The attack led to a loss of roughly $196 million in various cryptocurrencies, including Dai, USD Coin, Staked Ether, and Wrapped Bitcoin. The attacker took advantage of a weakness in Euler’s smart contract, specifically in a feature called “donateToReserves.”

The attacker used multiple Ethereum addresses to exploit this weakness in the contract and took advantage of a problem in Euler’s system for liquidation. They took 30 million DAI as a flashloan from Aave, and deposited to Euler. Consequently, they generated a lot of eDAI and sent it to an address that didn’t exist, which lowered their “health score” within Euler’s system. This allowed them to start a liquidation process and shift large amounts of debt to their account.

In response, Euler Finance quickly disabled the feature that had been exploited. They asked the attacker to return 90% of the stolen funds and threatened to take legal action. They also offered a $1 million reward for information that could identify the attacker.

The attacker began to return the stolen assets after Euler took these steps. With the return of the funds, Euler Finance withdrew its $1 million reward offer.

Attackers

The attackers remain unidentified. The attackers utilized the following Ethereum addresses:

The following contracts were used in the attack:

Losses

Breakdown of the lost $196 million:

  • $8.7 million in Dai
  • $18.5 million in Wrapped Bitcoin
  • $135.8 million in Staked Ethereum
  • $33.8 million in Circle’s USD stablecoin, USDC

Timeline

Security Failure Causes

Smart contract vulnerability: Euler’s smart contract update containing “donateToReserves” function had a major flaw that the attacker exploited using multiple Ethereum addresses to perform malicious actions.

Flaw in the liquidation discount logic: The attacker used the heavy discounts Euler offered to liquidators. They created a lot of eDAI, sent it to a null address lowering their health score, and then started the liquidation process, moving large debts to their liquidator account.