Moby Trade Exploit and Swift Seal911 Response

Summary
Moby, a decentralized options trading platform on Arbitrum, offers real-time pricing, low spreads, and deep liquidity. The platform utilizes liquidity pools, such as sOLP (stablecoins) and mOLP (crypto + stablecoins), to facilitate efficient on-chain derivatives trading.
The exploit became possible after Moby's admin-privileged private key was compromised, which allowed the attacker to upgrade key smart contracts. This breach led to the theft of 3.77 wBTC, 207.76 wETH, and 1,500,351.5 USDC, assets equivalent to $2,557,683.79.
In times of crisis, unexpected help can arrive, and that is exactly what happened with the intervention of the Seal911 team. They managed to recover 1.4M USDC from the stolen funds; however, the remaining funds were converted and dispersed across various bridges, resulting in a total loss of approximately $1,109,914.17.
How Did It Happen?
The root cause of the attack was the compromise of Moby's admin-privileged private key, which was supposedly protected under "Secured Key Management." Holding this key gave the attacker the privileges needed to upgrade the core smart contracts, and that is what turned a leaked key into a protocol breach.
Once the attacker had these privileges, they rehearsed the attack on the Arbitrum Sepolia network. An hour later, they executed the exploit on mainnet and began draining funds. The stolen funds were then bridged from Arbitrum to Ethereum, where the attacker began dispersing and laundering the assets across numerous wallets.
In response, Moby publicly acknowledged the attack and contacted security teams, including Seal911 and SlowMist. They also reached out to protocols like Circle and Rhino.fi, used by the attacker, to block and freeze assets, preventing further obfuscation. Seal911 successfully thwarted another attempt by the attacker to exploit a smart contract, recovering approximately 1,470,191.71 USDC in the process. Unfortunately, the wBTC and wETH stolen during the attack were irretrievable, as they had already been drained. The attacker converted the remaining assets into 312.02 ETH and used the Stargate protocol to bridge them onto the Ethereum mainnet. To further obscure the trail, the attacker employed several tunneling addresses and utilized bridges like DLN to launder the funds. Some of the wallets associated with the attacker still hold portions of the stolen ETH.
Let’s visualize and break down the entire exploit using Blockscope’s advanced analytics and forensic tools.
On-chain Activity
The Moby exploit is a multichain operation that began on the Arbitrum Sepolia Testnet, moved to the Arbitrum Mainnet, and then bridged to the Ethereum Mainnet to obscure the trail. Currently, the laundered funds are still being bridged across chains.
Moby Attacker: 0x2a566D111d0a5Be888FEC5F3834434Af3245Bb1b
Moby Attacker 2: 0x6A92D4840309f447922114a349984a1d09a51470
Total Assets Lost: 3.77 wBTC, 207.76 wETH and 30,179.97 USDC
Using Tracer, we visualized the entire exploit, tracking how funds moved from the S_Vault and M_Vault contracts to the attacker, and noted the conversion of stolen assets using Uniswap.

Once converted to ETH, the funds were bridged to the Ethereum Mainnet using Stargate. The recipient address on Ethereum Mainnet was the attacker's second address, which was also used for cross-chain bridging: 0x6a92d4840309f447922114a349984a1d09a51470.

After receiving 312.02 ETH, this address tunneled the funds and distributed them across numerous other addresses in an attempt to obfuscate and launder the assets. Several of these tunneling addresses used the DLN protocol to bridge assets cross-chain to networks like Polygon Mainnet, while most still hold the stolen assets.
Our tracer for the Ethereum Mainnet illustrates the flow and current state of the assets involved in this exploit.

The tracer below shows how the attacker leveraged bridges to launder and obfuscate funds. In the transaction below, one of the attacker's side wallets, 0xe5240366f033ae373ff68ccffe552ea1d460b1d0, can be seen bridging around 3 ETH from Ethereum mainnet to Polygon mainnet through the DLN bridge and receiving 21,339 POL at address 0x36d137d85a8a0c8d30cec57aeda82b4eff1ebade.
Tx. Hash: 0x35031f2fca5558df30bbcca228c06027357a4481f8a413d782c568c9e0a475e9

Exploit Breakdown & Timeline
January 8, 2025 - 11:56 UTC
The attacker, using Moby Attacker wallet 0x2a566D111d0a5Be888FEC5F3834434Af3245Bb1b, prepared the exploit on the Arbitrum Sepolia Testnet after obtaining the admin-privileged private key.
Tx. hash: 0xbf97d408ed11e0161d6667457c3a17b6947bc1b7a339e3201bc1d01c36f0ac78
January 8, 2025 - 12:57 UTC
The attacker initiated the attack: using the stolen private key, they executed a contract upgrade and, at 1:49 UTC, changed the proxy admin, eventually gaining ownership and admin rights on the primary address.
Tx. hash: 0x9da34da770f1e9c5d5e176578b32710d8e288587d8401582f34a9631edf9be4b

January 8, 2025 - Between 15:24 to 15:28 UTC
After securing admin rights, the attacker altered the ownership of the S_Vault Contract 0xd4d23332e6256b751e2da0b9c0b3a70cfe9180c0 and executed three Emergency Withdrawals, transferring 0.07 wBTC, 0.79 wETH, and 30,179.79 USDC to the primary address.
Tx. hashes:
USDC: 0xfb260f58332034fe203a41b031c41b8461f469e46d5632b33b328f22aed1fb42
wBTC: 0xa64829baf5b83fb6fbebcac334f2c73f6d8ec31a4c8b210538e32105c8ca8566
wETH: 0x15890f9b4db381875d2e1e606f5c0b39540295f2af7ab34abe4dd4722dde18d2

January 8, 2025 - 16:37 UTC
The attacker performed a similar admin change on the M_Vault Contract 0x9e34f79e39addb64f4874203066ffddd6ab63a41, making two transfers of 3.70 wBTC and 206.97 wETH to the primary address between 16:47 and 16:48 UTC.
Tx. hashes:
wETH: 0xa16b4751f802b01ad9f71a9a44f534afc943c5b1952551d6a06e75207eee917a
wBTC: 0x5729abb3d2898e80b24b08f3f079c5b5022db72fb97972e56ea68230b1efbacc

January 8, 2025 - 16:48 UTC
Seal911 identified the vulnerability and fixed the smart contract by upgrading it, preventing the loss of 1,470,191.71 USDC from the exploited M_Vault Contract.
Tx. hash: 0xa247fb0c2a641ad09f3c798c754662ee46ec56ebebc85c17afa397fdeaafe64a

January 8, 2025 - 16:50 UTC
The attacker transferred 3.70 wBTC and 206.97 wETH to the Bridging Address Moby Attacker 2 0x6A92D4840309f447922114a349984a1d09a51470 and 30,179.97 USDC into the Uniswap V3 pool.
Tx. hashes:
wETH: 0xa16b4751f802b01ad9f71a9a44f534afc943c5b1952551d6a06e75207eee917a
wBTC: 0x5729abb3d2898e80b24b08f3f079c5b5022db72fb97972e56ea68230b1efbacc

January 8, 2025 - Between 16:59 to 17:01 UTC
The attacker converted 206.97 wETH and 3.70 wBTC into 312.02 ETH using swaps, primarily through Uniswap.
Tx. hashes:
wETH: 0xa605d246b5a4f01de5bfe7864055ab331aab3ffa11ffcf9e84a669f22201c612
wBTC: 0x670b17897045b5e1745e43ffc59dee103135f3ead600684d6bb67fa57763a61b

January 8, 2025 - Between 17:11 to 17:25 UTC
The attacker bridged all the funds from Arbitrum to Ethereum Mainnet, to Moby Attacker 2 0x6A92D4840309f447922114a349984a1d09a51470, using the Stargate protocol.

January 8, 2025 - 17:26 UTC
The attacker began dispersing ETH across numerous wallets to obfuscate the trail. Some ETH was bridged using the DLN protocol while most remained in side wallets.

January 8, 2025 - 20:53 UTC
Moby Trade tweeted about the exploit, responding hours after the incident. On January 10th at 13:27 UTC, Moby published its post-exploit Post-Mortem Report and Growth Plan.
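The timeline above is a textbook control-plane takeover: an upgrade and admin change on a proxy by a key that should never act alone, followed within hours by emergency withdrawals. The following detection logic is an added example (not Blockscope's or Moby's code) showing how a protocol-side monitor would flag that sequence. The event records are constructed for illustration and follow the report's order only loosely; event names follow the OpenZeppelin proxy and Ownable conventions, and the governance multisig, user and token addresses are hypothetical placeholders.

```python
"""Flag unauthorised control changes on an upgradeable proxy (Upgraded,
AdminChanged, OwnershipTransferred) and correlate them with large
outflows from the vault inside a time window.

Added example, not Blockscope's or Moby's code. Sample events below are
constructed; only the vault and attacker addresses come from the report.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta

ATTACKER = "0x2a566d111d0a5be888fec5f3834434af3245bb1b"   # from the report
S_VAULT = "0xd4d23332e6256b751e2da0b9c0b3a70cfe9180c0"    # from the report
M_VAULT = "0x9e34f79e39addb64f4874203066ffddd6ab63a41"    # from the report
GOV_MULTISIG = "0xgov_placeholder"     # hypothetical governance signer
USER = "0xuser_placeholder"            # hypothetical ordinary user
CONTROL_EVENTS = {"Upgraded", "AdminChanged", "OwnershipTransferred"}
THRESHOLDS = {"USDC": 10_000, "wBTC": 0.05, "wETH": 0.5}   # "large" outflow


@dataclass
class Event:
    time: datetime
    tx: str            # constructed placeholder, not a real hash
    contract: str      # emitting contract: the proxy/vault or a token
    sender: str        # transaction origin (tx.from)
    name: str
    args: dict = field(default_factory=dict)


@dataclass
class Alert:
    rule: str
    tx: str
    detail: str


def detect(events, governance, monitored, thresholds, window=timedelta(hours=4)):
    """Alerts: control change on a monitored proxy by a non-governance sender,
    and outflows above threshold from a monitored vault (correlated with a
    preceding takeover when within `window`)."""
    gov = {a.lower() for a in governance}
    mon = {a.lower() for a in monitored}
    alerts, first_takeover = [], {}          # vault -> time of first takeover
    for ev in sorted(events, key=lambda e: e.time):
        if ev.name in CONTROL_EVENTS:
            target = ev.contract.lower()
            if target in mon and ev.sender.lower() not in gov:
                alerts.append(Alert("unauthorised-control-change", ev.tx,
                                    f"{ev.name} on {target} by {ev.sender}"))
                first_takeover.setdefault(target, ev.time)
        elif ev.name == "Transfer":
            src, dst = ev.args["from"].lower(), ev.args["to"].lower()
            amount, symbol = ev.args["amount"], ev.args["symbol"]
            if src not in mon or amount < thresholds.get(symbol, float("inf")):
                continue                      # not a vault outflow, or too small
            since = first_takeover.get(src)
            rule = ("drain-after-control-change"
                    if since is not None and ev.time - since <= window
                    else "large-outflow")
            alerts.append(Alert(rule, ev.tx, f"{amount} {symbol} {src} -> {dst}"))
    return alerts


def _t(hhmm, day=8):
    return datetime(2025, 1, day, int(hhmm[:2]), int(hhmm[3:]))


def sample_events():
    """Constructed: a legitimate upgrade, a small user withdrawal, then the
    takeover of S_Vault and M_Vault (amounts as in the report's timeline)."""
    tr = lambda f, t, amt, sym: {"from": f, "to": t, "amount": amt, "symbol": sym}
    return [
        Event(_t("09:00", 7), "tx00", S_VAULT, GOV_MULTISIG, "Upgraded", {"implementation": "0ximpl_v2"}),
        Event(_t("12:57"), "tx01", S_VAULT, ATTACKER, "Upgraded", {"implementation": "0ximpl_evil"}),
        Event(_t("13:49"), "tx02", S_VAULT, ATTACKER, "AdminChanged", {"newAdmin": ATTACKER}),
        Event(_t("14:00"), "tx03", "0xusdc", USER, "Transfer", tr(S_VAULT, USER, 250.0, "USDC")),
        Event(_t("15:24"), "tx04", S_VAULT, ATTACKER, "OwnershipTransferred", {"newOwner": ATTACKER}),
        Event(_t("15:26"), "tx05", "0xusdc", ATTACKER, "Transfer", tr(S_VAULT, ATTACKER, 30179.79, "USDC")),
        Event(_t("15:27"), "tx06", "0xwbtc", ATTACKER, "Transfer", tr(S_VAULT, ATTACKER, 0.07, "wBTC")),
        Event(_t("15:28"), "tx07", "0xweth", ATTACKER, "Transfer", tr(S_VAULT, ATTACKER, 0.79, "wETH")),
        Event(_t("16:37"), "tx08", M_VAULT, ATTACKER, "OwnershipTransferred", {"newOwner": ATTACKER}),
        Event(_t("16:47"), "tx09", "0xwbtc", ATTACKER, "Transfer", tr(M_VAULT, ATTACKER, 3.70, "wBTC")),
        Event(_t("16:48"), "tx10", "0xweth", ATTACKER, "Transfer", tr(M_VAULT, ATTACKER, 206.97, "wETH")),
    ]


def run_sample():
    return detect(sample_events(), [GOV_MULTISIG], [S_VAULT, M_VAULT], THRESHOLDS)


if __name__ == "__main__":
    for a in run_sample():
        print(f"[{a.rule}] {a.tx}: {a.detail}")
```

Two properties matter in practice. The governance allowlist is what turns a routine `Upgraded` event into a signal: any upgrade signed by a lone EOA rather than the multisig or timelock is worth paging on, which is exactly the condition a compromised admin key produces. And the same rule would have fired on Seal911's rescue upgrade at 16:48, so this is an alert feed for a response team, not an automatic block.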

Wallets and Addresses Found
In this investigation, we identified a substantial list of addresses linked to the attacker, which were used to tunnel, bridge, and obfuscate the stolen assets. Using the Cohort Analysis Tool, we demonstrated a clear and direct relationship between the attacker and the addresses listed in the table below.

List of Associated Addresses
Moby Attacker (Primary Address on ARB): 0x2a566d111d0a5be888fec5f3834434af3245bb1b
Moby Attacker 2 (Bridging Address on ARB and ETH): 0x6a92d4840309f447922114a349984a1d09a51470
Side Wallet (ETH): 0x5267c4e531b00597ef0cce0dc591c30fad7e4137
Side Wallet (ETH): 0x3d5908d723db3e75962b464935ec72b25f279488
Side Wallet (ETH): 0x0261254a0ea9c4065727b77b2680fe0726010e49
Side Wallet (ETH): 0x1bb090b419b1437247eca7fc4c2a847f7222cd1a
Side Wallet (ETH): 0x5ecbe4f3d08594e42a3ebe3752fa6d6fa0bc8d38
Side Wallet (ETH): 0x07b00bab187a1acc4dfb18190b5652a6d86795f9
Side Wallet (ETH): 0x396b19959cabecb07787190044c11aaf48c44a05
Side Wallet (ETH): 0x83629c00266bd68c60634caff34646162233700b
Side Wallet (ETH): 0xa6523e3bdf6a798ef3cd8a5e1d55e6d82416dc02
Side Wallet (ETH): 0x8b0e842de81b4cde581a139e5b6a67027c679349
Side Wallet (ETH; Bridged funds): 0x8a564053192b5566edae8b0305d7d40040913eab
Side Wallet (ETH; Bridged funds): 0xe5240366f033ae373ff68ccffe552ea1d460b1d0
Side Wallet (ETH; Bridged funds): 0x06d86f0c7b563571460f2369abc051ced744ca31
Side Wallet (ETH; Bridged funds): 0xba021c7817e7b1ea2ad103fb535f75f07f9b2571
Side Wallet (ETH; Bridged funds): 0x2b9d98682e179c52eb031a8b42cd3ac56e0c7e8e
Side Wallet (ETH): 0xbcf24b2f2f1a7f8c3709f40bfd12be1469608108
Side Wallet (ETH): 0x818051846e1cb33c9775ecc68f9ec24fa8872d50
Side Wallet (ETH): 0xad6049d1fe59ce49b71386c45bb6348a9d2e45be
Side Wallet (ETH): 0xfbf735e81a1c430729dca17fc927df46c269fe6f
Side Wallet (ETH): 0x81ebcb5cb748df13ad117aad9d828d8ebc7056a2
Side Wallet (ETH): 0x246159d610ab6165f9445a6a22f2fa63782b710e
Side Wallet (ETH): 0x06894cf8308b5235733ee42ce57e4524d1642f6b
Side Wallet (ETH): 0x65aeeb98e3b59a18b8dfa3f2c8ee376828da7782
Side Wallet (ETH): 0xa90da10c49ba8f751d6d5b7fb4788b499277cdab
Side Wallet (ETH): 0x61b7e18ba8ba0413a9ae61cbb263507afb53b7cc
On-Going Monitoring
Moby Trade is actively collaborating with various security firms, law enforcement agencies, and exchanges to freeze stolen assets and prevent successful obfuscation and laundering attempts. Additionally, we have deployed our Watchtower system to continuously monitor all side wallets still holding ETH on the Ethereum Mainnet.
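The cohort analysis described under "Wallets and Addresses Found" and the Watchtower monitoring described above rest on the same primitive: a forward trace from a seed address over ETH transfers, stopping at known bridge or protocol contracts. The block below is an added example of that logic (not Blockscope's tooling). The transfer amounts and the Stargate and DLN contract addresses are constructed placeholders; the seed and side-wallet addresses are those listed in the report.

```python
"""Trace outgoing ETH transfers from a seed wallet to build the cohort of
associated addresses, record the legs that hit known bridges, compute what
each cohort wallet still holds, and alert when a cohort wallet moves funds.

Added example, not Blockscope's code. Amounts and bridge addresses are
constructed; wallet addresses come from the report's address list.
"""
from collections import defaultdict, deque
from dataclasses import dataclass
from decimal import Decimal

ATTACKER2 = "0x6a92d4840309f447922114a349984a1d09a51470"   # seed (from report)
SW_A = "0x5267c4e531b00597ef0cce0dc591c30fad7e4137"        # side wallets (from report)
SW_B = "0x3d5908d723db3e75962b464935ec72b25f279488"
SW_C = "0xe5240366f033ae373ff68ccffe552ea1d460b1d0"
SW_D = "0x8a564053192b5566edae8b0305d7d40040913eab"
STARGATE = "0xstargate_placeholder"    # hypothetical bridge contract address
DLN = "0xdln_placeholder"              # hypothetical bridge contract address
KNOWN_EXITS = {STARGATE: "Stargate", DLN: "DLN"}


@dataclass(frozen=True)
class Transfer:
    tx: str
    src: str
    dst: str
    eth: Decimal


def build_cohort(transfers, seed, exits, max_hops=4):
    """Forward BFS from `seed`. Returns (cohort, exit_legs): the reachable
    wallets, and the transfers that landed on a known bridge/protocol
    contract (those are recorded but never traversed, since a bridge's
    outgoing transfers belong to many unrelated users)."""
    out = defaultdict(list)
    for t in transfers:
        out[t.src].append(t)
    cohort, exit_legs, queue = {seed}, [], deque([(seed, 0)])
    while queue:
        addr, hops = queue.popleft()
        if hops >= max_hops:
            continue
        for t in out[addr]:
            if t.dst in exits:
                exit_legs.append(t)
            elif t.dst not in cohort:
                cohort.add(t.dst)
                queue.append((t.dst, hops + 1))
    return cohort, exit_legs


def holdings(transfers, cohort):
    """Net ETH position (inflows minus outflows) per cohort wallet."""
    bal = defaultdict(Decimal)
    for t in transfers:
        if t.dst in cohort:
            bal[t.dst] += t.eth
        if t.src in cohort:
            bal[t.src] -= t.eth
    return dict(bal)


def watch(transfer, cohort):
    """Watchtower-style check on a newly observed transfer: any outflow from
    a cohort wallet is reported; a hop onto a known bridge is called out."""
    if transfer.src not in cohort:
        return None
    kind = "bridge-exit" if transfer.dst in KNOWN_EXITS else "move"
    return f"{kind}: {transfer.src} -> {transfer.dst} {transfer.eth} ETH ({transfer.tx})"


def sample_transfers():
    """Constructed flow: inbound bridge leg, fan-out to side wallets, two
    legs bridged out through DLN, plus one unrelated transfer."""
    d = Decimal
    return [
        Transfer("t0", STARGATE, ATTACKER2, d("312.02")),
        Transfer("t1", ATTACKER2, SW_A, d("40")),
        Transfer("t2", ATTACKER2, SW_B, d("35")),
        Transfer("t3", ATTACKER2, SW_C, d("5")),
        Transfer("t4", SW_C, DLN, d("3")),
        Transfer("t5", SW_A, SW_D, d("10")),
        Transfer("t6", SW_D, DLN, d("10")),
        Transfer("t7", "0xunrelated_a", "0xunrelated_b", d("1")),
    ]


def run_sample():
    ts = sample_transfers()
    cohort, exits = build_cohort(ts, ATTACKER2, KNOWN_EXITS)
    return {"cohort": cohort, "exits": exits, "holdings": holdings(ts, cohort),
            "bridged_total": sum(t.eth for t in exits)}


if __name__ == "__main__":
    r = run_sample()
    print(sorted(r["cohort"]), r["holdings"], r["bridged_total"])
    print(watch(Transfer("t8", SW_B, "0xnew_wallet", Decimal("1")), r["cohort"]))
```

The stop set is the part that keeps a cohort honest: following transfers through a bridge or a DEX router would pull every other user of that contract into the attacker's cluster. Wallets whose net position is zero after an exit leg (SW_D in the sample) are the ones that have already bridged out, while the rest are what a watchlist continues to track.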

Conclusion
This exploit serves as a critical reminder that companies handling public funds must be held accountable and take proactive security measures. Moby Trade's response, which downplayed the incident by stating that their smart contracts "worked properly" and attributed the breach to stolen private keys, highlights the need for stronger accountability in securing sensitive key material.
On a positive note, this case underscores the importance of blockchain security work. The Seal911 team recovered approximately $1.4M in USDC, and Tony Ke's tweet captures their achievement. As noted, the attacker took over the system by upgrading the smart contract through the UUPS (Universal Upgradeable Proxy Standard) mechanism but failed to secure the upgraded contract, leaving an opening that Seal911 was able to use to upgrade it again and protect the remaining funds.

At Blockscope, we develop tools and technologies to safeguard your assets and empower individuals and organizations to take accountability. As attackers evolve and become increasingly sophisticated, so must our security measures. The Moby Trade exploit is a powerful example of how security firms can make a significant impact in the fight against cybercrime.
The investigation utilized a suite of advanced tools from Blockscope and forensic techniques to meticulously trace and analyze the events of the hack. Here's a summary:
Transaction Decoder: Deconstructed transactions to understand the attacker's actions and sequence of events, including how the UUPS proxy was upgraded.
Wallet Profiler: Identified attacker wallets, analyzed suspicious transactions on Arbitrum and Ethereum and revealed obfuscation using Stargate and DLN protocols.
Tracer Tool: Tracked stolen tokens like wETH, wBTC, and USDC across wallets and DeFi protocols, including cross-chain movement from Arbitrum to Ethereum.
Entity Interaction Tool: Mapped interactions between Stargate protocol and Moby Attacker 2 to bridge funds.
Cohort Analyzer: Identified clusters of associated wallets, clarifying the attacker’s network on Ethereum.
Watchtower: Monitored and tracked all wallets and side addresses involved in the exploit in real time.
Investigation by: Tushar Tiwari, Analyst @ Blockscope
For more information, please reach out to us at [email protected]

Disclaimer: Best Effort Investigation
This investigation and its findings represent our best effort based on the information available at the time. However, please be aware of the following limitations:
The data used in this investigation may contain inaccuracies, omissions, or errors.
Information sources may be incomplete or subject to change.
New evidence may emerge that could alter the conclusions.
Analysis and interpretations are based on current understanding and may evolve.
We have made every reasonable attempt to ensure accuracy, but cannot guarantee that all information is entirely correct or complete. This report should be considered a snapshot of our current knowledge and understanding, subject to revision as new information becomes available.