{"id":301,"date":"2022-10-19T17:29:35","date_gmt":"2022-10-19T17:29:35","guid":{"rendered":"https:\/\/live-script.xyz\/defi-platform-moola-exploited-for-8-4-million-in-incident-described-as-incredibly-simple-attack\/"},"modified":"2022-10-19T17:29:35","modified_gmt":"2022-10-19T17:29:35","slug":"defi-platform-moola-exploited-for-8-4-million-in-incident-described-as-incredibly-simple-attack","status":"publish","type":"post","link":"https:\/\/live-script.xyz\/defi-platform-moola-exploited-for-8-4-million-in-incident-described-as-incredibly-simple-attack\/","title":{"rendered":"Defi Platform Moola Exploited for $8.4 Million in Incident Described as \u2018Incredibly Simple Attack\u2019"},"content":{"rendered":"
Moola, a decentralized finance (defi) lending and borrowing platform, was recently exploited for $8.4 million in what has been described as an \u201cincredibly simple attack.\u201d Moola responded to the attack by pausing all activity on the platform. The defi platform also told the attacker(s) it was willing to negotiate a \u201cbounty payment in exchange for returning the funds within the next 24 hours,\u201d and Moola Market has since claimed that \u201c93.1% of funds have been returned to the Moola governance multi-sig.\u201d<\/strong><\/p>\n The decentralized finance (defi) lending platform Moola has become the latest such platform to be breached and digital assets worth $8.4 million were siphoned in what has been described as \u201can incredibly simple attack.\u201d According to a Twitter user named Igor Igamberdiev, the digital assets that the attacker made off with include 8.8 million CELO ($6.5 million) and 1.8 MOO ($0.6 million) tokens as well as euro and dollar stablecoins valued at $1.3 million.<\/p>\n 1\/3<\/p>\n Today @Moola_Market<\/a> has been exploited for $8.4M:<\/p>\n \u2013 8.8M CELO ($6.5M) It was an incredibly simple attack pic.twitter.com\/mSRNaMBwQi<\/a><\/p>\n \u2014 Igor Igamberdiev (@FrankResearcher) October 18, 2022<\/a><\/p>\n\n Explaining how the incident went down, Igamberdiev revealed the attacker initiated the process with 243,000 CELO tokens obtained from Binance. Next, the attacker \u201clent 60k CELO to Moola and borrowed 1.8M MOO to use them as collateral.\u201d Now left with a little over 180,000 CELO tokens, the attacker(s) then began using these to pump the MOO price as well as \u201cuse it as collateral and borrow all other tokens.\u201d<\/p>\n Next, after offers for negotiation, the attacker(s) returned funds to the defi platform\u2019s multi-sig and in the end, they \u201cgot 700k CELO as a bug bounty.\u201d Igamberdiev added that the attackers had \u201calready tried to move 50k of them to the multi-sig created by Impact Market.\u201d<\/p>\n\n Following the attack, Moola Market issued a statement acknowledging the attack and its willingness \u201cto negotiate a bounty payment in exchange for returning the funds within the next 24 hours.\u201d In addition to pausing all activity on Moola, the defi platform told the attacker that contact had been made with law enforcement and that steps have been taken to make it difficult for the attackers to liquidate the tokens.<\/p>\n Following today’s incident, 93.1% of funds have been returned to the Moola governance multi-sig. We have continued to pause all activity on Moola, and will follow up with the community about next steps, and to safely restart operations of the Moola protocol.<\/p>\n \u2014 Moola Market (@Moola_Market) October 19, 2022<\/a><\/p>\n\n In a tweet, the defi platform also claimed that over 93% of the funds had already been returned to its governance multi-sig and that the community will be informed of the next steps.<\/p>\nFunds Siphoned From Moola<\/h2>\n
\u2013 765k cEUR ($0.7M)
\u2013 1.8M MOO ($0.6M)
\u2013 644k cUSD ($0.6M)<\/p>\nMoola Was Willing to Negotiate<\/h2>\n