Anonymous Twitter user and blockchain investigator Officer's Notes believe they may be suspects in the $195 million Euler Finance hack. In an April 4 Twitter post, the security researcher said, "As usual, I appear to be a suspect in this case."
Euler's team denied Officer's Notes was a suspect, instead claiming the researcher helped in the investigation. Officer’s Notes, also known as Officer_cia, is a security researcher, blogger, and auditor for blockchain security firm Pessimistic, according to their Twitter profile. Their blog posts are featured on Pessimistic's official website and contain in-depth explanations of cryptographic security topics. They also maintain the "Crypto Op Sec Self Guard" GitHub repository, which provides privacy tools for crypto users.
In their Twitter thread, Officer's Notes noted that Euler's team woke them up "in the middle of the night" to request access data logs from the Op Sec repository, including the IP addresses of those who had accessed it. Officer's Notes complied with the request after being told "these data are vital in the investigation". Officer's Notes regrets distributing this information as an invasion of reader privacy:
"So if you've ever interacted with my repository, I expect you did it under a VPN. I have no way of knowing what happens to that data. Sorry."
The blogger suggested that they could be considered suspects in the Euler hack, but protested that because they were too busy to commit any such crimes: "Really, if I wanted to crack the deal, would I be in my third year of blogging and working? Please think about it. Glad you like my nickname, but you can't joke like that."
In conversation with Cointelegraph, a representative for Euler stated that Officer’s Notes was never a suspect, and the team later thanked them for their help with the case:
"When investigators believed that the attacker was using some of his security tools to avoid detection, investigators sought help from CIA officials. Anyone at Euler believed he was involved in the attack. He was later credited for his assistance." Appreciated, although he was inadvertently left out of the initial communication list."
Euler Finance was the victim of the flash loan breach on March 13. More than $195 million worth of cryptocurrency was stolen in the attack. On March 20, the attackers attempted to negotiate the return of the stolen funds with the Euler team. On March 18, they posted an apology letter to the Ethereum network, saying “I don’t want to, but I messed with other people’s money, other people’s jobs, and other people’s lives sorry.”
