DeFi lending platform Euler Finance now appears to be working towards an agreement with its anonymous exploiters.

“We want to make this easy on all those affected. No intention of keeping what is not ours,” said the hackers in a message encoded in a March 20 blockchain transaction sent to Euler. 

“Setting up secure communication. Let us come to an agreement,” the exploiters added, days after executing a flash loan exploit that drained nearly $200 million worth of crypto from the platform.

Euler acknowledged the hackers’ message in its own blockchain-encoded transactions sent to the hacker a few hours later.

“Message received. Let’s talk in private on blockscan via the Euler Deployer address and one of your EOAs [externally owned account], via signed messages over email at contact@euler.foundation, or any other channel of your choice. Reply with your preference,” stated Euler. 

The group behind the exploit appears to have had a change of heart after they seemingly ignored a request to return 90% of the funds from Euler last week, instead sending at least $1.6 million worth of ETH to the coin mixer Tornado Cash. In an unexpected turn of events on Monday, the hackers sent 3,000 ETH back to the Euler deployer contract.

Euler acknowledged the return of these funds, offering to drop the $1 million reward for the information about the exploiters if the entire sum was given back.

In total, the exploiters’ wallet still holds $191 million worth of assets comprising 81,900 ETH and 43 million DAI tokens.

This isn’t the first time hackers behind such a large-scale exploit have opted to return the funds instead of cashing out. In August 2021, the Poly Network hacker returned all $610 million worth of crypto stolen in a smart contract exploit, after communicating with the team in a similar fashion – embedded Ethereum transactions.