"Moola Market Reveals $9m Crypto Exploit"

Decentralized finance (DeFi) platform Moola Market has suffered a security incident leading to a loss of up to $9m worth of cryptocurrency.  The Celo blockchain-based platform admitted that an incident had occurred on Tuesday, October 18.  The Moola Market, in a statement, said that activity on Moola has been paused and asked customers to please not trade mTokens.  Moola Market also, in the statement, said they were willing to negotiate a bounty payment in exchange for returning the funds within the next 24 hours.  Several hours later, it appeared the hacker had negotiated a "bounty" for returning most of the funds.  Moola Market tweeted that following the incident, 93.1% of funds have been returned to the Moola governance multi-sig.  In an update about the attack, Moola Market said the "unknown attacker" started manipulating the price of MOO on Ubeswap, allowing them to manipulate the MOO time weighted average price (TWAP) oracle used by the Moola protocol.  This meant they were able to borrow a large amount of cUSD, cEUR, and CELO from the protocol using MOO as collateral, "effectively draining the protocol of its funds." The incident bears similarities to a $177m exploit suffered by Mango Markets last week (October 11), in which the hacker negotiated to keep $47m of the funds as a "bounty."

Infosecurity reports: "Moola Market Reveals $9m Crypto Exploit"