A pockets linked to the Ronin bridge exploiter despatched 2 Ethereum (ETH) — value $3,586 — to Euler Finance (EUL) hacker on March 17, based on on-chain information.
The transaction was connected with a message urging the Euler Finance hacker to decrypt an encrypted message.
Polygon’s chief data safety officer Mudit Gupta mentioned the connected message was a phishing try. Gupta added:
“DPRK [Ronin Bridge exploiter] simply despatched an on-chain message to Euler exploiter, making an attempt to phish him and anybody else silly sufficient to enter their non-public key within the device they shared.”
Gupta additional warned the group to not ever enter their “non-public key on any web site or device.”
Blockchain safety agency Hexagate corroborated Gupta’s view. The agency added, “the Ronin bridge attacker was making an attempt to use the Euler attacker by luring him into working a susceptible program.”
In the meantime, this isn’t the primary time each exploiters would work together with themselves. The Euler attacker despatched 100 ETH to the Ronin Bridge hacker on March 17.
The Ronin Bridge exploit was linked to the notorious North Korean hacker group Lazarus.
Euler Labs urge attacker to not open message
In the meantime, the decentralized finance (DeFi) protocol developer Euler Labs informed its exploiter to not open the encrypted message beneath any circumstance. The protocol additional urged the exploiter that “the best means out right here is to return funds.”
The undertaking elaborated that the recommended decryption device was an previous model of a susceptible elliptic. Based on the builders, the non-public keys concerned within the decrypting could be revealed after some ECDH operations.
The Euler exploiter had returned 3000 ETH to the DeFi undertaking and had expressed willingness to return the stolen funds.
