Moola Market Releases Attack Report and Restart Plan

Celo ecosystem lending protocol Moola Market has released a report of the attack and a restart plan. According to an official disclosure, Starting at 4:04 pm UTC on October 18th, an unknown attacker started manipulating the price of $MOO on Ubeswap, allowing the attacker to manipulate the $MOO TWAP price oracle used by the Moola protocol. As a result, the attacker was able to borrow a large amount of $cUSD, $cEUR, and $CELO from the protocol using $MOO as collateral, effectively draining the protocol of its funds.

After the Moola team contacted and negotiated with the attacker, the attacker returned 93.1% of the funds to an admin multisig used by Moola and donated a portion of the unreturned funds to ImpactMarket, a Moola Market depositor that provides UBI in financially under-banked communities around the world.

The team's focus has shifted to safely restoring functionality to the Moola protocol. There is a governance vote currently in-flight for proposal ID 9 to reduce LTV and liquidation threshold governing MOO's use as collateral, effectively removing it as a viable collateral asset. If this proposal passes, the team will be in a position to unfreeze the protocol.

Additionally, Moola said that it will investigate mechanisms to help further restore the remaining 6.9% of collateral to minimize the impact of this incident on Moola users.

Previously, Moola Market was exploited and has paused operations, losing approximately $8.4 million.

Source

Celo

Lending

DeFi

Security Incidents

In This Article

Related News
North Korean hackers use fake Zoom updates to deliver ‘NimDoor’ macOS malware targeting crypto firms North Korean hackers use fake Zoom updates to deliver ‘NimDoor’ macOS malware targeting crypto firms
Term Finance recovers $1 million of $1.6 million loss to oracle configuration error Term Finance recovers $1 million of $1.6 million loss to oracle configuration error
Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain
Stablecoin neobank Infini exploited for $49 million: security analysts Stablecoin neobank Infini exploited for $49 million: security analysts
Wildcat, the decentralized credit platform built by Crypto Twitter mainstay Laurence Day, launches new version on Ethereum Wildcat, the decentralized credit platform built by Crypto Twitter mainstay Laurence Day, launches new version on Ethereum
Latest News More More
2 Days Ago Tether plans further Bitcoin mining expansion in South America with Adecoagro tie up
3 Days Ago JPMorgan's blockchain unit tests new carbon credit tokenization application with S&P Global
6 Days Ago Ethereum community plans onchain ‘time capsule’ to mark 10th anniversary of network’s genesis block
June 25 Circle's post-IPO stock surge pushes market cap near Coinbase and USDC
June 20 Kraken offers bitcoin ‘staking’ yield via Babylon without wrapping or lending
delate
Use TokenInsight App All Crypto Insights Are In Your Hands
Open