Celo ecosystem lending protocol Moola Market has released a report of the attack and a restart plan. According to an official disclosure, Starting at 4:04 pm UTC on October 18th, an unknown attacker started manipulating the price of $MOO on Ubeswap, allowing the attacker to manipulate the $MOO TWAP price oracle used by the Moola protocol. As a result, the attacker was able to borrow a large amount of $cUSD, $cEUR, and $CELO from the protocol using $MOO as collateral, effectively draining the protocol of its funds.
After the Moola team contacted and negotiated with the attacker, the attacker returned 93.1% of the funds to an admin multisig used by Moola and donated a portion of the unreturned funds to ImpactMarket, a Moola Market depositor that provides UBI in financially under-banked communities around the world.
The team's focus has shifted to safely restoring functionality to the Moola protocol. There is a governance vote currently in-flight for proposal ID 9 to reduce LTV and liquidation threshold governing MOO's use as collateral, effectively removing it as a viable collateral asset. If this proposal passes, the team will be in a position to unfreeze the protocol.
Additionally, Moola said that it will investigate mechanisms to help further restore the remaining 6.9% of collateral to minimize the impact of this incident on Moola users.
Previously, Moola Market was exploited and has paused operations, losing approximately $8.4 million.