Moonwell Denies $1 Million Exploit Claim
Moonwell, a DeFi lending protocol on Base and Optimism, rejected reports of a $1 million exploit. The incident was caused by a misreported oracle price, not an active hack.
Earlier on November 4, 2025, blockchain security firms flagged what seemed like an attack on Moonwell’s oracle systems. CertiK and QuillAudits reported that a faulty data feed allowed an attacker to borrow funds by exploiting inflated prices for wrapped restaked ETH (wrsETH).
Moonwell responded on X, saying, “We are currently investigating a misreported price for wrsETH. The risk manager for the wrsETH Core Market on Base and OP Mainnet has significantly reduced the supply and borrow caps in these markets.”
No Hack Confirmed, Oracle Error Identified
DeFi developer Luke Youngblood also confirmed there was no hack. He stated on X, “This was a mispricing of wrsETH. Supply and borrow caps for this market on Base and OP Mainnet have been effectively zeroed out so the mispricing cannot be exploited further.”
The issue arose from an oracle error that temporarily distorted wrsETH price data. Moonwell froze affected pools and cut borrowing limits to prevent market manipulation.
DeFi Risk and Ongoing Investigations
The incident followed a major $116 million Balancer exploit less than 24 hours earlier. Both cases underline DeFi’s reliance on accurate oracle data.
Moonwell is collaborating with security researchers and will publish a full report. The team claims no funds were lost, but some in the community disagree.
Independent researcher @SpecterAnalyst said the same address previously exploited Moonwell on October 10, stealing 269 ETH (~$1 million). Specter alleges the attacker returned during this event and took an additional 295 ETH (~$1.1 million), totaling over $2 million in losses.
If true, this would contradict Moonwell’s claims and raise concerns about whether earlier vulnerabilities were fixed.
The affected markets remain paused as Moonwell verifies prices and adjusts risk limits. The case highlights how oracle errors can lead to costly DeFi failures if left unchecked.
