$500K Reward, Moola Market Attackers Return Most of The $9M Looted

A hacker has earned about a half-million dollar "bug bounty" after returning most of the cryptocurrency they exploited from Celo-based lending services.

An attacker has returned just over 93% of the more than $9 million in cryptocurrencies they exploited from the Moola Market decentralized finance protocol, which is based on the Celo blockchain.

Moola Market tweeted around 6 p.m. UTC on Oct. 18 that it was investigating an incident and that all activity had been halted. The company also contacted authorities and offered the exploiter a bug bounty if the funds were returned within 24 hours.

According to an analysis of the exploit by Web3 security company Hacken, the attacker manipulated the price of the protocol's native MOO token, which is a low-liquidity token, by initially purchasing around $45,000 worth of it and depositing it as collateral to borrow CELO.

The borrowed CELO, together with further CELO provided by the attacker, was then used as collateral to borrow more MOO, driving up the token's price. This was repeated until the price of the MOO token had increased by 6,400%.

With the inflated token price, the attacker managed to borrow $6.6 million worth of CELO, $1.2 million worth of MOO, $740,000 worth of Celo Euros (cEUR) and $644,000 worth of Celo Dollars (cUSD), resulting in a loss of approximately $9.1 million for the protocol.
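A toy model of the valuation problem described above, added here as an illustration and not taken from Hacken's analysis or from Moola's code. It assumes a fee-less constant-product MOO/CELO pool, a single 50% loan-to-value ratio, a lender with ample CELO and constructed reserve figures, and it compares valuing MOO collateral at the pool's spot price with valuing it at what the position would fetch if sold into that pool.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Fee-less constant-product pool (assumed model; reserves are constructed)."""
    moo: float
    celo: float

    def spot(self) -> float:
        return self.celo / self.moo          # marginal CELO price of 1 MOO

    def buy_moo(self, celo_in: float) -> float:
        k = self.moo * self.celo
        moo_out = self.moo - k / (self.celo + celo_in)
        self.moo -= moo_out
        self.celo += celo_in
        return moo_out

    def exit_value(self, moo_in: float) -> float:
        # CELO a liquidator would actually receive selling moo_in into the pool
        return self.celo - (self.moo * self.celo) / (self.moo + moo_in)

def collateral_value(pool: Pool, moo_held: float, policy: str) -> float:
    if policy == "spot":                      # thin-pool spot price, no depth check
        return moo_held * pool.spot()
    if policy == "exit":                      # liquidity-aware: realisable value only
        return pool.exit_value(moo_held)
    raise ValueError(policy)

def run_loop(policy: str, start_celo=45_000.0, ltv=0.5, rounds=6) -> dict:
    """Buy MOO, post it as collateral, borrow CELO, repeat (hypothetical helper)."""
    pool = Pool(moo=1_000_000.0, celo=100_000.0)   # constructed reserves
    first_price, cash, moo_held, debt = pool.spot(), start_celo, 0.0, 0.0
    for _ in range(rounds):
        if cash <= 0:
            break
        moo_held += pool.buy_moo(cash)
        cash = max(ltv * collateral_value(pool, moo_held, policy) - debt, 0.0)
        debt += cash
    return {"debt": debt, "price_multiple": pool.spot() / first_price,
            "recoverable": pool.exit_value(moo_held)}

if __name__ == "__main__":
    for policy in ("spot", "exit"):
        r = run_loop(policy)
        print(f"{policy:>4}: debt={r['debt']:,.0f} CELO  "
              f"recoverable={r['recoverable']:,.0f} CELO  "
              f"price x{r['price_multiple']:.1f}")
```

Under the spot policy the outstanding debt ends up several times larger than what liquidating the collateral would recover, while under the exit-value policy each round's borrowing room shrinks and the debt stays covered.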

Moola Market tweeted five hours after the discovery of the exploit that it had received approximately 93% of the funds exploited, with the attacker apparently keeping the remainder for a bug bounty of around $500,000.

“Following today's incident, 93.1% of funds have been returned to the Moola governance multi-sig. We have continued to pause all activity on Moola and will follow up with the community about the next steps, and to safely restart operations of the Moola protocol. (1/2)”

— Moola Market (@Moola_Market) October 18, 2022


The incident is similar to the $117 million exploit suffered by Mango Markets on Oct. 11, in which Avraham Eisenberg and his team manipulated the price of the Solana-based DeFi protocol's native token in order to borrow cryptocurrencies without adequate collateral. Eisenberg negotiated to keep $47 million as a “bounty.”

BitKeep, a multi-chain cryptocurrency wallet, also suffered an exploit late on Oct. 17 when an attacker stole $1 million worth of Binance Coin from a service used to swap tokens. BitKeep promises to fully reimburse any users who were affected.

According to analytics firm Chainalysis, the total hacked value had reached around $718 million up until Oct. 12, making it the largest month for hacking activity in recent memory.

