Benevolent Moola Market DeFi Hacker Returns $9M in Exploited Funds

moohack

Hacktober’ is continuing to solidify itself as one of the worst months on record for crypto and decentralized finance (DeFi) exploits as Moola Market joins the list of victims.

On Oct. 19, DeFi liquidity protocol Moola tweeted that it was investigating an incident and had paused operations of the platform.

Web3 security firm Hacken looked into the exploit revealing that $9.1 million had been stolen from the Celo blockchain-based platform.

The attacker funded an account with CELO tokens and used them to buy large amounts of MOO tokens which caused prices to climb due to low liquidity. The attacker borrowed more CELO using MOO collateral, repeating this cycle and pushing up the prices. A huge loan was taken out at these inflated prices.

“By repeating this cycle, he increased $MOO token price from $0.018 to $0.65”

Attacker returns Moola Market funds

The self-funded attack was very similar to the exploit of Mango Markets last week due to a similar economic design flaw in the protocol.

Moola Markets posted that they had contacted law enforcement and were willing to negotiate a bounty. It seems like this exploiter was benevolent and agreed to the negotiations as a few hours ago, Moola tweeted.

“Following today’s incident, 93.1% of funds have been returned to the Moola governance multi-sig.”

The attacker also donated a portion of the unreturned funds to ImpactMarket, a Moola Market depositor that provides unconditional basic income (UBI) in financially under-banked communities around the world.

Moola is currently working on governance proposals to close the loophole that resulted in the exploit but it urges for a quick resolution so that the system can be started up again.

“Additionally, we will investigate mechanisms to help further restore the remaining 6.9% collateral to minimize the impact of this incident on Moola users,” it concluded.

The actual bounty was not disclosed, but it is likely to be upwards of $500,000, considering the amount returned to the protocol.

The DeFi exploit is the latest in a long list this month, which includes Mango Markets, BitKeep, TempleDAO, QANplatform, and BNB Chain.

MOO token reaction

CELO token prices have dropped 4.5% on the day in a fall to $0.727, according to CoinGecko. The token is currently down 93% from its August 2021 all-time high of $9.82.

The MOO price has returned to pre-exploit levels of around $0.018. It has lost 99% of its value since its September 2021 peak price of just over $3.

MOO/USD 24 hour – CoinGecko

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.