London, UK based De-Fi platform company Euler has lost a reported $196 million to a flash loan attack.
A flash loan is an instant unsecured loan controlled by smart contracts. It allows a borrower to obtain collateral, use that collateral for its purposes, and return the collateral to its source provided it all occurs within a single transaction. It consequently relies on a sequence of complex conditions.
A legitimate example could be a trader wishing to take instant advantage of different coin values on different platforms: borrow the money without collateral, buy at the low price and sell at the high price, and return the loan instantly.
The concept was pioneered in 2020 by the Ethereum lending platform Aave, which states in its documentation, “There is no real-world analogy to Flash Loans.” Coindesk adds, “The concept is new and still has a lot of kinks [as] new hacks are making abundantly clear.”
Details of this attack are not yet clear. PeckShield Inc tweeted a warning to Euler “Hi @eulerfinance: you may want to take a look…”
Euler responded mid-morning (GMT), March 13, 2023, “We are aware and our team is currently working with security professionals and law enforcement. We will release further information as soon as we have it.” The Euler website displays a similar sentiment.
It appears that the attacker used flash loans to borrow from the De-Fi protocols Aave and Balancer, and deposited the money with Euler. The attacker then borrowed ten times the amount it had deposited with Euler. The precise means, or vulnerability, by which the attacker could break the smart contract and keep the borrowings is not clear. Nor is it entirely clear whether the attack has finished, or whether it is still in process and more losses will be revealed.
Rebecca Moody, head of data research at Comparitech, commented, “De-Fi platform Euler Labs has suffered a flash loan attack, with reports suggesting as much as $197 million has been stolen in total (figures are continually growing as this is updated).” She notes that this is the largest crypto hack of 2023 so far, and the eleventh largest of all time.
“It also takes the total lost in 2023 so far to more than $363 million with 43 attacks recorded so far,” she continued. “Flash loans account for 14 of these attacks and more than half of the funds stolen ($207.5 million).”
Euler was founded in September 2020 in London by Doug Hoyte, Jack Prior, and Michael Bentley (CEO). It has raised a total of $40.8 million over three rounds – the latest being a venture round (series undisclosed) in June 2022.
UPDATE, March 29: Coindesk now reports the hacker, calling himself ‘Jacob’, is returning the stolen money. Jacob doesn’t make the reason clear, and there is no official confirmation on Euler’s website. We will update this story if more relevant data becomes available.
Related: FBI Confirms North Korean Hackers Behind $100 Million Horizon Bridge Heist
Related: Hackers Steal Over $600M in Major Crypto Heist
Related: Nearly $200 Million Stolen From Cryptocurrency Bridge Nomad

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
More from Kevin Townsend
- Venafi Leverages Generative AI to Manage Machine Identities
- Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd
- OT/IoT and OpenTitan, an Open Source Silicon Root of Trust
- CISOs and Board Reporting – an Ongoing Problem
- Vector Embeddings – Antidote to Psychotic LLMs and a Cure for Alert Fatigue?
- The Team8 Foundry Method for Selecting Investable Startups
- Hacker Conversations: Alex Ionescu
- The Reality of Cyberinsurance in 2023
Latest News
- Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
- Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role
- 900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse
- City of Dallas Details Ransomware Attack Impact, Costs
- In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover
- Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
