Moola Market Hacker Returns 93% of Stolen Funds Following An Agreement

Following a recent attack on Celo blockchain-based decentralized finance (DeFi) lending protocol Moola Market, the attacker has returned over 93% of stolen funds with about a half-million dollar as bug bounty as per a post. 

The attacker returned those funds to an admin multisig used by Moola. Afterwards based on our recommendation the attacker donated a portion of the unreturned funds to ImpactMarket, a Moola Market depositor that provides UBI in financially under-banked communities around the world

— Moola Market 🐮 (@Moola_Market) October 19, 2022

The DeFi platform agreed to the proposal that the attacker should take a $500,000 bounty while refunding the outstanding $9 million worth of cryptocurrencies to the platform. 

…bounty payment in exchange for returning the funds within the next 24 hours.

— Moola Market 🐮 (@Moola_Market) October 18, 2022

Moola Market team maintains that it has paused all activity on the protocol and has also offered a bug bounty if the exploiter returns funds. 

A critical investigation into the ordeal by Web3 security company Hacken reveals that the attacker manipulated the price of the protocol’s native token, MOO, by buying around $45,000 worth and depositing it as collateral to borrow Celo token.

🚨 @Moola_Market protocol in the Celo (@CeloOrg) Ecosystem was exploited for $9.1 millions almost 5 hours ago

Here are the details of exploit:

…

— Hacken🇺🇦 (@hackenclub) October 18, 2022

Thereafter, the borrowed CELO coupled with the CELO provided by the attacker were then used to borrow more MOO, thereby pushing up the price of the token. 

It was gathered that the attacker keeps repeating the process until the MOO token price increased by 6,400% 

Given the inflated token price, the attacker was successfully able to borrow $6.6 million worth of CELO, $1.2 million of MOO coupled with $740,000 of Cello Euros (cEUR) and $644,000 Celo Dollars (cUSD). All accumulating to $9.1 million

Meanwhile, Moola Market has confirmed the receipt of 93.1% of the stolen funds to its Moola governance multi-sig. 

Rise of Crypto Hacks And Bug Bounty

More than ever before, there is an increasing rise in the number of crypto hacks and bug bounty. Like Moola Market, Solana-based DeFi Mango Market also experienced similar attack on Oct. 11

We are currently investigating an incident where a hacker was able to drain funds from Mango via an oracle price manipulation.

We are taking steps to have third parties freeze funds in flight. 1/

— Mango (@mangomarkets) October 11, 2022

As a consequence, the attacker also proposed an offer to return the $117million stolen funds while retaining $47 million as a bug bounty. 

Recall that October has been dubbed as the biggest month for crypto hacks according to Blockchain analytics firm Chainalysis.

1/ After four hacks yesterday, October is now the biggest month in the biggest year ever for hacking activity, with more than half the month still to go. So far this month, $718 million has been stolen from #DeFi protocols across 11 different hacks. pic.twitter.com/emz36f6gpK

— Chainalysis (@chainalysis) October 12, 2022

It reports that 11 different Decentralized Finance (DeFI) protocols have been attacked in the month of October. Some of the victims include blockchain QANpatform Ethereum bridge, Mango Market, among others.