Hacker Steals $8.4 Million from Moola Market DeFi Protocol
As cybercrime continues to be an important subject in the decentralized finance (DeFi) sector, the latest incident sees Moola Market being exploited for over $8.4 million. In a surprising turn of events, the majority of these funds were later returned.
“First off, we’re buoyed by the fact that the majority of funds were recovered. This is good news for all users and means that the impact will be limited,” Moola Market tweeted following the attack on the protocol.
“Following today’s incident, 93.1% of funds have been returned to the Moola governance multi-sig. We have continued to pause all activity on Moola and will follow up with the community about the next steps, and to safely restart operations of the Moola protocol,” according to the protocol.
Igor Igamberdiev, Research Director at The Block, tweeted that, under the “incredibly simple attack”, the “exploiter was funded with 243k CELO” from major exchange Binance, which allowed them to access some $8.4 million worth of crypto.
“The attacker lent 60k CELO to Moola and borrowed 1.8M MOO to use them as collateral” after which they “started pumping the MOO price with the remaining CELO, and to use it as collateral and borrow all other tokens,” he said.
A report released earlier this year by blockchain analysis company Chainalysis stated that some forms of cryptocurrency-based crime, including hacking and theft of funds, have increased in occurrence this year. The firm believes that much of this can be attributed to the rapid rise in funds stolen from DeFi protocols, a trend that started last year.
“Through July 2022, $1.9 billion worth of cryptocurrency has been stolen in hacks of services, compared to just under $1.2 billion at the same point in 2021,” the firm’s report said.
Following a string of major attacks, last August, the U.S. Federal Bureau of Investigation (FBI) also said it was taking steps to warn investors and platforms about cybercrime risks. The law enforcement agency said it was also recommending a set of precautions that could prevent DeFi market participants from losing their assets to criminals.
“Cyber criminals are increasingly exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal cryptocurrency, causing investors to lose money,” the agency said in a statement. “Cyber criminals seek to take advantage of investors’ increased interest in cryptocurrencies, as well as the complexity of cross-chain functionality and open source nature of DeFi platforms.