Moola Market DeFi hacker returns US$9 mln in stolen funds for bounty

The per­pe­tra­tor of the US$9.1 mil­lion Moola Mar­ket exploit returned close to the entire­ty of the loot in exchange for an undis­closed ran­som on Wednes­day, accord­ing to the project’s social media update.  

See relat­ed arti­cle: ‘Hack­to­ber’ con­tin­ues with US$1 mln tak­en from Bit­Keep token swap service

Fast facts

• Decen­tral­ized finance (DeFi) project Moola Mar­kets announced that they had paused their lend­ing pro­to­col on the Celo blockchain due to an exploit on Oct. 19 at around 2:00 a.m. Hong Kong time, adding that they were will­ing to nego­ti­ate a boun­ty for the funds. 

• The cul­prit report­ed­ly reached out to the pro­to­col with­in 10 min­utes after Moola’s offer, start­ing sev­er­al hours of nego­ti­a­tions for the funds.
• Accord­ing to Moola, the exploiter has returned 93.1% of the stolen assets and donat­ed a por­tion of the remain­ing funds to Impact­Mar­ket, a Moola Mar­ket depos­i­tor that pro­vides finan­cial assis­tance to under-banked com­mu­ni­ties globally. 

• Octo­ber has been open sea­son on DeFi exchanges for hack­ers, as this month’s theft lev­el is on track to set an all-time month­ly record.
• Moola said it is cur­rent­ly work­ing on gov­er­nance pro­pos­als to close the loop­hole that result­ed in the exploit and hopes to unfreeze the pro­to­col with­in six days.

• “Addi­tion­al­ly, we will inves­ti­gate mech­a­nisms to help fur­ther restore the remain­ing 6.9% col­lat­er­al to min­i­mize the impact of this inci­dent on Moola users,” the DeFi lender said.

See relat­ed arti­cle: Cryp­to hack­ers on track for bonan­za year as theft surges, Chainal­y­sis says