- Moola Market suffered a cyber-attack exploiting over $8.4 million.
- The DeFi platform managed to retrieve 93.1% of the exploited funds.
- A tech lead at Arbitrum saved BitBTC nearly $200 billion from a potential exploit.
DeFi lending and borrowing platform Moola Market suffered a cyber-attack and was exploited for $8.4 million. The hackers manipulated the price of the native token MOO on Ubeswap on October 18, at around 4:04 pm UTC.
The DeFi platform informed its users of the breach on its Twitter handle.
We want to provide a detailed update on today’s incident and share our plan for safely restarting the @Moola_Market protocol. First off, we're buoyed by the fact that the majority of funds were recovered. This is good news for all users and means that the impact will be limited. https://t.co/JfglNlM2g3— Moola Market (@Moola_Market) October 19, 2022
Initial investigations revealed that the attacker used MOO as security and was able to borrow a sizable sum of cUSD, cEUR, and Celo from the protocol, thereby depleting its reserves.
Following the attack, the Moola team contacted authorities and offered a bug bounty to the exploiter if funds were returned within 24 hours. Subsequently, five hours later, Moola tweeted that it had received about 93.1% of the exploited funds. The attacker kept the remaining $500,000 as a bug bounty.
The Moola team officially announced that:
Following today’s incident, 93.1% of funds have been returned to the Moola governance multi-sig. We have continued to pause all activity on Moola and will follow up with the community about the next steps, and to safely restart operations of the Moola protocol
As of now, the trading activities on Moola remain suspended and the team is trying to restore functionality to the Moola protocol and ensure that updated measures are in place to prevent the incident from repeating.
On the other hand, Lee Bousfield, a tech lead at Arbitrum, helped prevent the latest such near-miss by publicly pointing out a vulnerability in BitBTC’s Optimism bridge, following an entire year of “successful” robberies. Bousfield saved BitBTC nearly $200 billion, which could have been lost in the exploit.
The techie added that the Optimism layer-2 blockchain bridge facilitates withdrawals of any token from a corresponding layer-1 wallet. Whereas, the BitBTC code does not acknowledge what the layer-2 token is — and mints an arbitrary layer-1 to match.
The post Moola Market Loses $8.4 Million in an ‘Incredibly Simple Attack’ appeared first on Coin Edition.