Decentralized finance (DeFi) platform Moola Market recently faced a security incident resulting in a loss of approximately $9 million worth of cryptocurrency. The platform, which operates on the Celo blockchain, acknowledged the breach in a tweet posted on Tuesday, October 18. Following the incident, all trading activities on Moola Market were paused as the team launched an investigation into the matter.
In a series of tweets, the Moola Market team disclosed that they were actively working to address the situation. They also reached out to law enforcement and implemented measures to hinder the liquidation of the stolen funds. Furthermore, the team expressed willingness to negotiate a bounty with the attacker in exchange for the return of the funds within 24 hours.
Fortunately, the hacker agreed to return a significant portion of the stolen funds in exchange for a bounty. In a subsequent tweet, Moola Market announced that 93.1% of the funds had been returned to the platform’s governance multi-sig. The team assured users that all activities on Moola Market remained suspended as they planned the next steps to safely resume operations.
A detailed update provided by Moola Market revealed that the attacker had manipulated the price of MOO on Ubeswap, enabling them to exploit the MOO time-weighted average price (TWAP) oracle utilized by the Moola protocol. This manipulation allowed the attacker to borrow substantial amounts of cUSD, cEUR, and CELO from the protocol using MOO as collateral, resulting in the depletion of the platform’s funds.
Following a direct message from the attacker, who claimed control of the private key custodying the majority of the funds, Moola Market was able to recover 93.1% of the stolen assets. This incident mirrored a similar exploit experienced by Mango Markets the previous week, where the hacker negotiated to retain a portion of the stolen funds as a “bounty.”
Blockchain security platform CertiK analyzed the incidents and highlighted the importance of using highly liquid collateral assets to prevent such exploits in DeFi platforms. The FBI issued a warning in August 2022 regarding the increasing trend of cybercriminals exploiting vulnerabilities in DeFi platforms to steal investor funds.
The surge in cryptocurrency values in recent years has led to a rise in crypto theft incidents. In a separate incident earlier this month, a hacker absconded with $570 million from a popular cross-chain bridging service. It is crucial for users to remain vigilant and conduct thorough assessments of the security measures employed by DeFi platforms to safeguard their assets from potential exploits.