Moola Market Hacked for $8.4million, 93.1% Of Stolen Funds Returned
Following an $8.4milion exploit, Moola Market, a Celo-based Defi lending protocol, has immediately ceased activities on their network. This was revealed via the official Twitter handle of the platform, stating that users should temporarily suspend trading mTokens, Moola-Interest bearing tokens.
How Was the Attack Launched On Moola Market?
The exploit occurred around 2 PM on the 18th of October, where the attacker allegedly took $8.4 million through manipulation of the network.
A tweet acknowledging the hack read:
“We are actively investigating an incident on @Moola_Market. All activity on Moola has been paused. Please do not trade mTokens.”
According to the information gathered from the blockchain by the researcher Igor Igamberdiev, the hacker received 243k CELO from Binance. He then loaned 60k CELO as collateral to Moola to borrow 1.8 million MOO (Moola’s Native Token). After that, he began to pump MOO with the remaining CELO, increasing its price from $0.018 to $5.6 within an hour.
This allowed him to borrow other coins using the borrowed MOO as collateral before the token price dropped to $0.36. Subsequently, he was able to grab 1.8million MOO ($655,000), 8.8 million CELO ($6.5 million), 765,000 cEUR ($750,000), and 644,000 cUSD ($639,000).
Hacker Returns 93.1% Of Stolen Funds, What’s Next?
Returning about 93% of the stolen funds is good news for the Moola community. Nevertheless, Moola already reported the case to the necessary authority and also offered the hacker a “bounty” if they returned the stolen funds within 24 hours.
Of course, the hacker complied! Moola Market expressed how happy they are following the receipt of the funds. However, this is a win-win situation since the impact on the Defi platform will be limited. They also vow to devise a mechanism to prevent a similar scenario in the future.
Before taking any further steps, the platform revealed that a governance vote is currently in place, and a decision will be based on its outcome.
“If this proposal passes, we will be in a position to unfreeze the protocol and plan to do so in a safe and thoughtful manner to mitigate future risks to Moola users…”, Moonla stated.
The platform also promises to devise a mechanism to recover the remaining funds.
October is Really a Month Of “Hacktober”
In October 2022, different attacks on Defi platforms have taken place. Almost less than a day before Moola’s exploit, Bitkeep experienced a hack causing them to lose about $1 million via the BNB chain.
However, the hackers returned most of the funds in both cases. Maybe this is a new trend among them — they hack a platform and wait for the company to negotiate a deal.
Despite the millions of dollars taken from Bitkeep and Moola Market, it wasn’t as much as the recent attack on both the BNB chain and the Mango market, where $200 million was stolen.
The crypto industry experienced different hack attacks in October, leading to experts naming it “Hacktober”.
According to an analysis from chainalysis, the industry has witnessed 11 different hack attacks excluding today’s incident, with about $718 million stolen, calling it “the biggest month in the biggest year ever for hacking activity”.
