In a bold display of criminal solidarity, the hacker behind the $27 million Penpie exploit has been publicly praised by the perpetrator of the $195 million Euler Finance attack.
On September 6, the Euler Finance exploiter sent an on-chain message applauding the Penpie hacker for holding onto the stolen funds, defying efforts to recover them.
The message read: “Good job bro. I’m happy you kept all the money and didn’t let these bastards get back one dollar of what you took.”
Source: PeckSheildAlert
Euler exploiter returned funds
While the Euler Finance hacker celebrated the Penpie attacker, their own story unfolded differently.
In March 2023, the Euler exploiter drained $196 million through a flash loan attack.
However, faced with legal threats and a $1 million bounty on their head, the hacker eventually negotiated with Euler and returned most of the stolen funds.
The Euler Finance attack leveraged vulnerabilities in the protocol, with the hacker moving funds across multiple addresses and even returning small amounts to individual victims.
Despite this, pressure mounted, and by April 4, the hacker had returned nearly all recoverable assets, concluding the episode.
Penpie hacker ignores bounty
In contrast, the Penpie hacker has shown no intention of following suit.
Exploiting a flaw in Penpie’s PendleStaking contract on September 3, the attacker manipulated the system to create a fake market, inflating their staking balances and siphoning off $27 million.
Assets stolen included staked Ethereum, sUSDE, and wrapped USDC.
Despite Penpie’s offer of a bounty for the return of the stolen funds, the hacker has continued to launder the money through Tornado Cash, a notorious crypto mixer used to obscure illicit transactions.
As of the latest reports, the attacker has funneled 9,600 ETH (roughly $23 million) through the service.
In response, Penpie launched a fresh bounty campaign on September 6, offering 10% of the recovered funds to anyone who provides information leading to the hacker’s identification.
However, the hacker has so far ignored these efforts, showing no signs of returning the stolen assets.
The post Hacker behind $27M Penpie heist applauded by Euler exploiter appeared first on Invezz