Wallet tied to Euler DeFi protocol hack sends 100 ETH to North Korean hackers
The funds were transferred to the address of the Lazarus group involved in the attack on the Ronin sidechain
17.03.2023 - 09:30
834
3 min
0
What’s new? Blockchain analysts at Lookonchain have reported that addresses associated with the recent exploit of the Euler Finance DeFi protocol and last year’s Ronin sidechain hack interacted. According to experts, a wallet controlled by Euler hackers sent 100 ETH (~$171 200) to an address tied to the Ronin attack. The latter, according to the US authorities, belongs to Lazarus Group, a hacker group from the DPRK.
Euler Finance Exploiter transferred 100 $ETH to Ronin Bridge Exploiter(stole 173,600 $ETH and 25.5M $USDC).Ronin Bridge Exploiter was listed by #OFAC as Lazarus Group – the North Korean state hacking group.Are the two hackers the same person or was it intentional? pic.twitter.com/aPzOkSlXb6
— Lookonchain (@lookonchain) March 17, 2023
What else is known about the hacks? After the attack on Ronin, the US Treasury Department put the wallet that held some of the stolen funds on the sanctions list, as well as the Blender.io crypto mixer that the hackers used to launder them. The incident was the largest in terms of damage in 2022.
Analysts estimate the damage from hacker attacks on crypto projects in 2022 at $3 billion
In total, Chainalysis counted 125 incidents related to attacks on crypto companies in 2022
In September, the US authorities seized $30 million in cryptocurrency that was stolen from the sidechain. Chainalysis said that this refund is a record for law enforcement in the United States.
Euler suffered a flash loan attack on March 13, losing about $200 million. Hackers used code that allowed them to create an unsecured token debt position by donating funds to protocol reserves and then liquidating those accounts and profiting from liquidation bonuses. The team is working to recover the fundswith input from blockchain analysts, as well as the US and UK authorities.
Useful material?
Telegram 
Twitter Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Cryptocurrency rates
-
Bitcoin
$62 618
BTC
+0.29%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.1
XRP
-0.49%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.07875
DOGE
-0.49%
-
Zcash
$413.94
ZEC
-2.05%
-
Stellar XLM
$0.191681
XLM
-0.31%
-
Cardano
$0.150277
ADA
-1.72%
-
Polkadot
$3.32
DOT
+5.27%