Moonwell DeFi Hit by $320K Flash Loan Exploit: Security Risks Highlighted

• Flash loan exploit drains $320K from Moonwell DeFi’s USDC lending contract.  
• Attacker swaps stolen USDC for DAI; funds are now in their wallet.  
• Malicious contracts and TornadoCash were used to execute the attack.

Moonwell DeFi, a decentralized lending protocol operating on the Optimism network, suffered a flash loan exploit, resulting in a loss of $320,000. The perpetrator targeted the protocol’s USDC lending contract, using a malicious contract address disguised as a “mToken.” This act granted unauthorized token approvals, allowing the attacker to drain funds from Moonwell users.

The DeFi platform’s security systems soon alerted users and flagged areas of illegal breaches, including suspicious funding sources and malicious contract activity. On-chain sleuths also found out that the attacker’s wallet was pre-funded via Tornado Cash on the Ethereum network and strategically swapped the stolen USDC for DAI. Currently, the stolen assets are in the attacker’s wallet, making recovery challenging.

What’s the Impact on Moonwell Users and DeFi?

Flash loan exploits are a rising threat in the decentralized finance (DeFi) ecosystem. In this case, the atta…

The post Moonwell DeFi Hit by $320K Flash Loan Exploit: Security Risks Highlighted appeared first on Coin Edition.