Share this article
Celo Protocol Moola Market Loses Over $10M in Market Manipulation Attack
Over 93% of the stolen funds were returned to the protocol shortly after the attack, developers said.
Updated Oct 19, 2022, 2:11 p.m. Published Oct 19, 2022, 6:44 a.m.
Make us preferred on Google
Celo-based lending and borrowing protocol Moola Market had over $10 million worth of tokens stolen, and later returned, Wednesday morning after a market manipulation attack.
The exploit was the second of its kind in the last few weeks, with the attackers manipulating the prices of Moola’s native MOO tokens to borrow collateral against their positions – effectively draining the protocol.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Moola developers said the attack started during late Asian hours on Tuesday. “An unknown attacker started manipulating the price of MOO on Ubeswap, allowing the attacker to manipulate the MOO TWAP price oracle used by the Moola protocol,” they wrote. Oracles are third-party services that fetch data from outside a blockchain to within it.
The attacker borrowed a large amount of cUSD and cEUR, two Celo-based stablecoins pegged to U.S. dollar and euro respectively, and CELO from the protocol using MOO as collateral, effectively draining the protocol of its funds. Trading on the platform was stopped at that time.
We discovered the issue at 4:54pm UTC and promptly created a war room to examine the situation and contacted law enforcement. It was around this time that we posted the following tweet to the community inviting the attacker to reach out: https://t.co/UsdN44X70X
— Moola Market 🐮 (@Moola_Market) October 19, 2022
Developers said they contacted law enforcement shortly after discovering the issue. A while later, an individual identifying as the attacker reached out to the team confirming their involvement. This individual held the private key – a cryptographic value akin to a password for a certain block on the blockchain – to the stolen funds.
Moola said it was then able to negotiate with the attacker. At the time of writing, Moola recovered over 93% of the stolen funds some 12 hours after the incident.
Meanwhile, a governance proposal has been floated by the community to prevent further similar attacks. The protocol seeks to lower the liquidation levels that govern MOO's use as collateral on the platform – effectively “removing it as a viable collateral asset.”
The attack is the latest in a long list of exploits this month. With October already becoming the worst month ever for crypto attacks.
More For You
KuCoin captured a record share of centralised exchange volume in 2025, with more than $1.25tn traded as its volumes grew faster than the wider crypto market.
What to know:
- KuCoin recorded over $1.25 trillion in total trading volume in 2025, equivalent to an average of roughly $114 billion per month, marking its strongest year on record.
- This performance translated into an all-time high share of centralised exchange volume, as KuCoin’s activity expanded faster than aggregate CEX volumes, which slowed during periods of lower market volatility.
- Spot and derivatives volumes were evenly split, each exceeding $500 billion for the year, signalling broad-based usage rather than reliance on a single product line.
- Altcoins accounted for the majority of trading activity, reinforcing KuCoin’s role as a primary liquidity venue beyond BTC and ETH at a time when majors saw more muted turnover.
- Even as overall crypto volumes softened mid-year, KuCoin maintained elevated baseline activity, indicating structurally higher user engagement rather than short-lived volume spikes.
More For You
Polkadot's DOT declines in U.S. afternoon selloff
The technical breakdown erased earlier gains as DOT plunged through $2.19 support on heavy volume.
What to know:
- DOT slipped from $2.18 to $2.12 over the past hour, erasing earlier gains.
- Volume was 17% above the 30-day average during the failed breakout attempt.
Top Stories
