{"id":7950,"date":"2022-10-20T05:54:41","date_gmt":"2022-10-20T05:54:41","guid":{"rendered":"http:\/\/cryptoheretostay.com\/?p=7950"},"modified":"2022-10-20T05:54:42","modified_gmt":"2022-10-20T05:54:42","slug":"defi-platform-moola-exploited-for-8-4-million-in-incident-described-as-incredibly-simple-attack","status":"publish","type":"post","link":"https:\/\/cryptoheretostay.com\/?p=7950","title":{"rendered":"Defi Platform Moola Exploited for $8.4 Million in Incident Described as &#8216;Incredibly Simple Attack&#8217;"},"content":{"rendered":"<p> <script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"crypto\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<\/p>\n<p><strong>Moola, a decentralized finance (defi) lending and borrowing platform, was recently exploited for $8.4 million in what has been described as an \u201cincredibly simple attack.\u201d Moola responded to the attack by pausing all activity on the platform. The defi platform also told the attacker(s) it was willing to negotiate a \u201cbounty payment in exchange for returning the funds within the next 24 hours,\u201d and Moola Market has since claimed that \u201c93.1% of funds have been returned to the Moola governance multi-sig.\u201d<\/strong><\/p>\n<h2>Funds Siphoned From Moola<\/h2>\n<p>The decentralized finance (defi) lending platform Moola has become the latest such platform to be breached and digital assets worth $8.4 million were siphoned in what has been described as \u201can incredibly simple attack.\u201d According to a Twitter user named Igor Igamberdiev, the digital assets that the attacker made off with include 8.8 million CELO ($6.5 million) and 1.8 MOO ($0.6 million) tokens as well as euro and dollar stablecoins valued at $1.3 million.<\/p>\n<p lang=\"en\" dir=\"ltr\">1\/3<\/p>\n<p>Today @Moola_Market has been exploited for $8.4M:<\/p>\n<p>\u2013 8.8M CELO ($6.5M)<br \/>\u2013 765k cEUR ($0.7M)<br \/>\u2013 1.8M MOO ($0.6M)<br \/>\u2013 644k cUSD ($0.6M)<\/p>\n<p>It was an incredibly simple attack\ud83d\udc47 pic.twitter.com\/mSRNaMBwQi<\/p>\n<p>\u2014 Igor Igamberdiev (@FrankResearcher) October 18, 2022<\/p>\n<p>Explaining how the incident went down, Igamberdiev revealed the attacker initiated the process with 243,000 CELO tokens obtained from Binance. Next, the attacker \u201clent 60k CELO to Moola and borrowed 1.8M MOO to use them as collateral.\u201d Now left with a little over 180,000 CELO tokens, the attacker(s) then began using these to pump the MOO price as well as \u201cuse it as collateral and borrow all other tokens.\u201d<\/p>\n<p>Next, after offers for negotiation, the attacker(s) returned funds to the defi platform\u2019s multi-sig and in the end, they \u201cgot 700k CELO as a bug bounty.\u201d Igamberdiev added that the attackers had \u201calready tried to move 50k of them to the multi-sig created by Impact Market.\u201d<\/p>\n<h2>Moola Was Willing to Negotiate<\/h2>\n<p>Following the attack, Moola Market issued a statement acknowledging the attack and its willingness \u201cto negotiate a bounty payment in exchange for returning the funds within the next 24 hours.\u201d In addition to pausing all activity on Moola, the defi platform told the attacker that contact had been made with law enforcement and that steps have been taken to make it difficult for the attackers to liquidate the tokens.<\/p>\n<p lang=\"en\" dir=\"ltr\">Following today&#8217;s incident, 93.1% of funds have been returned to the Moola governance multi-sig. We have continued to pause all activity on Moola, and will follow up with the community about next steps, and to safely restart operations of the Moola protocol.<\/p>\n<p>\u2014 Moola Market \ud83d\udc2e (@Moola_Market) October 19, 2022<\/p>\n<p>In a tweet, the defi platform also claimed that over 93% of the funds had already been returned to its governance multi-sig and that the community will be informed of the next steps.<\/p>\n<p>Meanwhile, in a response to Igamberdiev\u2019s tweet, another user named Marco $Pact claimed that their protocol \u2014 Impact Market \u2014 had received the funds from the attacker.<\/p>\n<p>\u201cI can confirm that those 50K CELO were sold for cUSD and donated through<br \/>Impact Market to support thousands of families from 30+ developing countries living in vulnerability as unconditional basic income,\u201d Marco $Pact tweeted.<\/p>\n<p>While Marco $Pact claims to have seen the incident happening, the Twitter user insists they \u201cwere not involved in this.\u201d<\/p>\n<p><strong><em>What are your thoughts on this story? Let us know what you think in the comments section below.<\/em><\/strong><\/p>\n<p>Terence Zimwara <\/p>\n<p class=\"article__body__author__info__about\">\nTerence Zimwara is a Zimbabwe award-winning journalist, author and writer. He has written extensively about the economic troubles of some African countries as well as how digital currencies can provide Africans with an escape route.<\/p>\n<p><i class=\"td-icon-font td-icon-linkedin\"\/><\/p>\n<p><i class=\"td-icon-font td-icon-twitter\"\/><\/p>\n<p><i class=\"td-icon-font td-icon-telegram\"\/><\/p>\n<p class=\"images_credits\"><em>Image Credits: Shutterstock, Pixabay, Wiki Commons<\/em><\/p>\n<p><strong>Disclaimer<\/strong>: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.<\/p>\n<p>More Popular NewsIn Case You Missed It<br \/>\n<script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"bitcoin\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<br \/><a href=\"https:\/\/news.bitcoin.com\/defi-platform-moola-exploited-for-8-4-million-in-incident-described-as-incredibly-simple-attack\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Moola, a decentralized finance (defi) lending and borrowing platform, was recently exploited for $8.4 million in what has been described as an \u201cincredibly simple attack.\u201d Moola responded to the attack by pausing all activity on the platform. The defi platform also told the attacker(s) it was willing to negotiate a \u201cbounty payment in exchange for [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7951,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[1],"tags":[],"class_list":["post-7950","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-updates"],"_links":{"self":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7950","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7950"}],"version-history":[{"count":1,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7950\/revisions"}],"predecessor-version":[{"id":7952,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7950\/revisions\/7952"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/media\/7951"}],"wp:attachment":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}