Celo Protocol Moola Market Loses Over $10M in Market Manipulation Attack

Over 93% of the stolen funds were returned to the protocol shortly after the attack, developers said.

AccessTimeIconOct 19, 2022 at 6:44 a.m. UTC
Updated Oct 19, 2022 at 2:11 p.m. UTC

Celo-based lending and borrowing protocol Moola Market had over $10 million worth of tokens stolen, and later returned, Wednesday morning after a market manipulation attack.

The exploit was the second of its kind in the last few weeks, with the attackers manipulating the prices of Moola’s native MOO tokens to borrow collateral against their positions – effectively draining the protocol.

Moola developers said the attack started during late Asian hours on Tuesday. “An unknown attacker started manipulating the price of MOO on Ubeswap, allowing the attacker to manipulate the MOO TWAP price oracle used by the Moola protocol,” they wrote. Oracles are third-party services that fetch data from outside a blockchain to within it.

The attacker borrowed a large amount of cUSD and cEUR, two Celo-based stablecoins pegged to U.S. dollar and euro respectively, and CELO from the protocol using MOO as collateral, effectively draining the protocol of its funds. Trading on the platform was stopped at that time.

Developers said they contacted law enforcement shortly after discovering the issue. A while later, an individual identifying as the attacker reached out to the team confirming their involvement. This individual held the private key – a cryptographic value akin to a password for a certain block on the blockchain – to the stolen funds.

Moola said it was then able to negotiate with the attacker. At the time of writing, Moola recovered over 93% of the stolen funds some 12 hours after the incident.

Meanwhile, a governance proposal has been floated by the community to prevent further similar attacks. The protocol seeks to lower the liquidation levels that govern MOO's use as collateral on the platform – effectively “removing it as a viable collateral asset.”

The attack is the latest in a long list of exploits this month. With October already becoming the worst month ever for crypto attacks.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.

Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.

Read more about