The hacker behind the $9 million Moola Market hack has chosen to return a majority of the cryptocurrency stolen during the exploit.
The attacker returned the funds in exchange for a bug bounty of $500,000 from the lending protocol.
The Moola Market Hack
The Moola Market team tweeted on the 18th of October that it was investigating an attack on the protocol. It added that it paused all protocol activity after contacting authorities. However, the protocol also offered the attacker a bug bounty if they returned the funds to the lending protocol within 24 hours.
“We are actively investigating an incident on @Moola_Market. All activity on Moola has been paused. Please do not trade mTokens. We discovered the issue at 4:54 pm UTC and promptly created a war room to examine the situation and contacted law enforcement.”
An analysis of the attack carried out by Web3 security firm Hacken shed light on how the attacker orchestrated the attack. According to the analysis, the hacker was able to manipulate the price of the lending protocol’s native MOO token by purchasing $45,000 worth of the token and depositing it as collateral to borrow CELO tokens. The hacker then used the borrowed CELO tokens along with more CELO that they held as collateral and borrowed more MOO tokens, driving up the token’s price.
This process was repeated by the attacker until the value of the MOO tokens shot up by a staggering 6400%. Thanks to the inflated price, the attacker was able to borrow $6.6 million worth of CELO, $1.2 million worth of MOO, and a further $740,000 worth of CELO Euros (cEUR) and $640,000 worth of CELO Dollars (cUSD). This resulted in a loss of around $9.1 million to the protocol.
Hacker Returns Funds
Moola Market developers contacted law enforcement authorities shortly after discovering the issue. However, an individual identifying as the attacker reached out to the team, claiming to hold the private key which would allow access to the stolen funds. According to developers at Moola, they were able to negotiate with the hacker and recover 93% of the stolen funds from the attacker. The attacker kept the rest of the funds, around $500,000, as a bug bounty.
Moola tweeted about recovering their funds, stating,
“Following today’s incident, 93.1% of funds have been returned to the Moola governance multi-sig. We have continued to pause all activity on Moola and will follow up with the community about the next steps and to safely restart operations of the Moola protocol.”
Parallels To Mango Market Hack
The attack is similar to the exploit suffered by Mango Markets on the 11th of October, which saw the protocol lose $117 million. The attack was carried out by Avraham Eisenberg and his team, who manipulated the price of the native token of the Solana-based protocol, managing to borrow assets with an undercollateralized backing. Eisenberg negotiated with the Mango Markets team, keeping $47 million as a bug bounty.
Bitkeep had also suffered an exploit on the 17th of October, with the hacker siphoning $1 million worth of Binance Coin. The attacks are part of a series of attacks executed during October, with the value of hackings reaching $718 million.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.