Ethical Hackers Recover $1.5M From Moby Trade After DeFi Protocol Suffers $2.5M Exploit

A major attack on the decentralized finance (DeFi) sector has occurred in early 2025, targeting the Moby Trade protocol on the Arbitrum network. The attack resulted in the loss of approximately $2,5 million,の一部がホワイトハッカーによって回収されたことが判明した。

The attack began with the exploitation of a compromised private key, which allowed the attacker to manipulate smart contracts and use an emergency withdrawal function to transfer assets, including 207 WETH and 3,7 WBTC, into external wallets. The attacker then proceeded to exchange the tokens for ETH and send them to addresses on the Ethereum blockchain, according to the Beosin security team.

However, a swift intervention by a white hat hacker led to the partial recovery of the stolen funds. Tony Ke, a researcher at Solayer Labs and an expert in Maximal Extractable Value (MEV), managed to use a MEV bot to identify a flaw left by the attacker in his own surrogate contract. This vulnerability allowed Ke's bot to perform a version of the same attack technique, rescuing $1,5 million in USDC.

“It was a race against time. We managed to save part of the funds, but unfortunately we missed the recovery of other assets by about 30 seconds,” Ke said in a statement.

The incident has prompted Moby Trade to temporarily suspend operations such as deposits and withdrawals while a full investigation is conducted. The protocol team has also assured users that losses will be compensated.

This attack is the latest in a string of DeFi hacks that have plagued the Arbitrum network in recent months. Similar attacks were also reported on Orange Finance and Stryke Protocol, both on Arbitrum, highlighting a worrying pattern of smart contract exploitation on the platform. In the case of Orange Finance, a compromised private key was also identified as the source of the issue.

The DeFi market, especially on the Arbitrum network, continues to be a lucrative target for both developers and hackers. Despite the challenges, white hat hacking initiatives like Ke's demonstrate that effective and proactive solutions are possible even in critical situations.