Moola Market, a decentralized finance (DeFi) lending platform, has suffered an exploit that resulted in a loss of more than $8.4 million from the protocol. Moola Finance becomes the latest DeFi platform to suffer a multi-million dollar exploit.
Moola Market loses $8.4M in DeFi exploit
Moola Market is a non-custodial liquidity protocol operating on Celo. Like many DeFi lending platforms, Moola Market enables users to earn compound interest on their deposits while being able to borrow over-collateralized loans.
The news of the exploit was first reported by Igor Igamberdiev, who said that the exploiter received 243,000 CELO tokens from the Binance exchange to conduct the attack. Afterward, they lent out 60,000 CELO to Moola market, after which they took out a loan of 1.8 million MOO tokens.
The attacker started boosting the price of MOO tokens using the remaining CELO tokens they used as collateral to take loans denominated by other tokens. After gaining 1.8 million MOO tokens, valued at $655,000, the attacker also obtained other tokens and stablecoins, including $6.5 million worth of CELO, $750,000 worth of cEUR, and $639,000 worth of cUSD.
Moola Market addressed the exploit. The company issued a statement on the incident, saying that they were actively investigating the matter and that activity on the platform had been halted.
We want to provide a detailed update on today’s incident and share our plan for safely restarting the @Moola_Market protocol. First off, we're buoyed by the fact that the majority of funds were recovered. This is good news for all users and means that the impact will be limited. https://t.co/JfglNlM2g3
— Moola Market (@Moola_Market) October 19, 2022
The developers on the protocol said that they had reached out to law enforcement after discovering this issue. Afterward, someone identifying as the attacker contacted the team, confirming their involvement in the hack.
The individual said they held the private key to the wallet containing the stolen funds. Moola also added that they started negotiating with the attacker, after which they recovered more than 993% of the stolen funds. These funds were recovered around 12 hours since the exploit happened.
Moola has also added that it has floated a governance proposal. The proposal seeks to prevent further attacks from happening in the future. Through this proposal, the protocol plans to lower the liquidation levels governing the use case of MOO, which will remove the asset as a “viable collateral asset.”
In the tweet, Moola Market added, “If this proposal passes, we will be in a position to unfreeze the protocol and plan to do so in a safe and thoughtful manner to mitigate future risks to Moola users. We aim to publish a more in-depth plan in the coming days.”
Growing attacks in the DeFi space
This month has seen many hacks happening in the DeFi sector. Mid this month, Chainalysis published a report saying that 2022 was on track to be the year when the largest number of hacks happened in the crypto sector. The Chainalysis researchers said that hackers had stolen more than $3 billion in 125 exploits.
1/ After four hacks yesterday, October is now the biggest month in the biggest year ever for hacking activity, with more than half the month still to go. So far this month, $718 million has been stolen from #DeFi protocols across 11 different hacks. pic.twitter.com/emz36f6gpK
— Chainalysis (@chainalysis) October 12, 2022
This month alone, more than three bridges have been exploited. The BNB Chain-based bridge was attacked, and the exploiters stole more than $100 million after the bridge suffered a $566 million exploit. QANplatform, a layer one blockchain, was also hacked in an attack that led to the theft of around $1 million QANX tokens.
The other attacks that have happened this month include a $2.3 million exploit that happened on TempleDAO and a $100 million exploit that happened on Mango Markets.
Related
Dash 2 Trade - New Gate.io Listing
- Also Listed on Bitmart, Changelly, LBank, Uniswap
- Collaborative Trading Platform Token
- Featured in Bitcoinist, Cointelegraph
- Solid Proof Audited, CoinSniper KYC Verified
- Trading Community of 70,000+ Members