The pseudonymous Twitter user and blockchain investigator Officer’s Notes believes they may have been a suspect in the $195 million Euler Finance hack. In an April 4 Twitter thread, the security researcher stated, “Seems like I was a suspect in this case, as usual.”
The Euler team has denied that Officer’s Notes was a suspect, claiming instead that the researcher was helpful in the investigation.
they urgently woke me up in the middle of the night and been asking for help when the attack happened… we even had a google meet call lmao
WTF Euler was this just to get my GitHub access data logs from my OpSec repo (which I did lol)…
Seems like I was a suspect in this…
— Officer’s Notes (@officer_cia) April 5, 2023
Officer’s Notes, also known as Officer_cia, is a security researcher, blogger and auditor, according to their Twitter bio. The blog posts contain in-depth explanations of crypto security topics. They also maintain the “Crypto Op Sec Self Guard” GitHub repo, which features privacy tools for crypto users.
In their Twitter thread, Officer’s Notes states that the Euler team woke them up “in the middle of the night,” asking for access data logs from the Op Sec repo, including IP addresses of people who have visited it. Officer’s Notes complied with the request after being told that “this data was crucial in the investigation.”
Officer’s Notes expressed remorse for handing out this information, seeing it as a violation of readers’ privacy:
“So if you’ve ever interacted with my repositories, I hope you’ve done it under a VPN. I have no way of knowing what will happen to that data. I’m sorry.”
The blogger stated they might have been seen as a suspect in the Euler hacking case but protested the notion because they were too busy to commit any such crime:
“Really, if I wanted to hack the protocol, would I be in my third year of blogging and working? Please think about it. I’m glad you like my nickname, but you can’t exaggerate jokes like that.”
In a conversation with Cointelegraph, a representative from Euler stated that Officer’s Notes was never a suspect and that the team later thanked them for their help with the case:
“The investigation reached out to Officer CIA for help at a point when it believed some of his security tools were being used by the attacker to avoid detection. At no point was he believed by anyone at Euler to have played a part in the exploit. He was later thanked for the help he gave, even though he had been inadvertently left off the initial communications list.”
Euler Finance was the victim of a flash loan exploit on March 13. Over $195 million worth of crypto was stolen in the attack. On March 20, the attacker attempted to open negotiations with the Euler team to return the stolen funds. On March 18, they posted an apology letter to the Ethereum network, saying, “I didn’t want to, but I messed with others’ money, others’ jobs, others’ lives. […] I’m sorry.”
The attacker returned all of the recoverable funds by April 4.