DeFi Protocol Moonwell Faces $1M Threat After Cheap Token Buy


Moonwell faces $1M risk after attacker buys cheap tokens and submits malicious vote proposal to gain control of DeFi lending protocol contracts.

A decentralized finance platform called Moonwell is facing a serious security threat from a very cheap attack. The incident surprised the crypto community because the attacker spent only $1,800. According to reports on the Moonwell Forum, the proposal could put more than $1,000,000 at risk.

Cheap Token Purchase Leads to Governance Attack

The issue began when an unknown attacker purchased some 40,000,000 MFAM tokens. These tokens carry voting power within Moonwell's governance system, so whoever holds a large number of them can influence important decisions about the platform.

With the tokens purchased, the attacker created a governance proposal. The proposal attempted to hand control over important smart contracts to a wallet controlled by the attacker. These contracts include the oracle, the comptroller, and seven lending markets within the protocol.

The most startling aspect was the speed of the attack. Reports said the entire process took just 11 minutes. First, the tokens were bought. Next, the proposal was developed. Finally, the vote reached quorum, which is when enough votes are counted so that the proposal becomes active.

Voting on the proposal will be open until 27 March 2026. However, many members of the community later began to vote against the plan. Because of this, the outcome is uncertain.

Moonwell is a lending protocol on the Moonbeam and Moonriver networks. According to DefiLlama data, the platform currently has approximately $85,000,000 locked in its markets. Therefore, an attacker who controls the contracts could potentially reach large funds.
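
The timeline in this section maps onto monitoring rules a governance watcher can run. The following is an added example, not code from Moonwell or from the original article: it checks one proposal's event timeline for four warning signs. The token amount, cost, 11-minute span and nine target contracts follow the article; the quorum value, actor name, event format, thresholds and the `transfer_admin` label are assumptions.

```python
from dataclasses import dataclass

@dataclass
class Event:
    t: int                # seconds since the first observed event
    kind: str             # "buy" | "propose" | "vote"
    actor: str
    amount: float = 0.0   # tokens bought, or voting weight cast in favor
    usd: float = 0.0      # purchase cost (buy events only)
    actions: tuple = ()   # (action, target) pairs (propose events only)

PRIVILEGED = {"transfer_admin"}   # hypothetical label for ownership-changing calls

def assess(events, quorum, value_at_risk_usd, fresh_window=3600, fast_quorum=3600):
    """Return alert strings for one proposal's timeline (thresholds are assumptions)."""
    alerts = []
    prop = next(e for e in events if e.kind == "propose")
    # 1. Voting power bought by the proposer shortly before the proposal was created.
    fresh = [e for e in events if e.kind == "buy" and e.actor == prop.actor
             and 0 <= prop.t - e.t <= fresh_window]
    cost = sum(e.usd for e in fresh)
    if sum(e.amount for e in fresh) >= quorum:
        alerts.append("fresh-power: proposer bought quorum-sized stake just before proposing")
    # 2. Quorum reached too quickly for other holders to react.
    weight, quorum_t = 0.0, None
    for e in sorted((e for e in events if e.kind == "vote"), key=lambda e: e.t):
        weight += e.amount
        if weight >= quorum:
            quorum_t = e.t
            break
    if quorum_t is not None and quorum_t - prop.t <= fast_quorum:
        alerts.append(f"fast-quorum: reached {quorum_t - prop.t}s after creation")
    # 3. Proposal hands privileged roles on core contracts to another address.
    targets = [tgt for act, tgt in prop.actions if act in PRIVILEGED]
    if targets:
        alerts.append(f"privileged-change: {len(targets)} contracts affected")
    # 4. Cost of the fresh stake is tiny relative to what the contracts control.
    if fresh and cost * 100 < value_at_risk_usd:
        alerts.append(f"cheap-control: ${cost:,.0f} stake vs ${value_at_risk_usd:,.0f} at risk")
    return alerts

# Constructed timeline: amounts and the 660 s (11 min) span follow the article;
# the split between steps, the quorum value and the actor name are assumptions.
TARGETS = ["oracle", "comptroller"] + [f"market-{i}" for i in range(1, 8)]
TIMELINE = [
    Event(0, "buy", "0xATTACKER", amount=40_000_000, usd=1800),
    Event(300, "propose", "0xATTACKER", actions=tuple(("transfer_admin", t) for t in TARGETS)),
    Event(660, "vote", "0xATTACKER", amount=40_000_000),
]
print(*assess(TIMELINE, quorum=40_000_000, value_at_risk_usd=1_000_000), sep="\n")
```

A proposal from a long-held stake that changes no privileged roles and gathers votes over days produces no alerts under the same rules.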

Previous Exploit Raised Security Concerns

This is not the first time Moonwell has encountered a problem. In November 2025, the protocol lost a small sum of 1,000,000 due to an oracle error. The value of a token on the price feed from Chainlink was incorrect.

Because of the wrong price, a small deposit was valued at over $116,000. As a result, a trading bot used the false value to borrow huge amounts from the market. This drained funds from Moonwell pools on Base Network and Optimism.

After that incident, the Moonwell DAO approved a number of fixes. On 6 March 2026, the community voted to restore withdrawals on Moonriver. Later, on 9 March 2026, new contract upgrades were approved to correct reward calculation issues.

These updates were for safety, developers said. However, the new attack on governance demonstrates that there are risks in decentralized systems.

Moreover, governance attacks are dangerous because the attackers exploit voting rules rather than hacking code. Therefore, they can take control without directly breaking security.

For now, the Moonwell community is keeping a watchful eye on the vote. If the proposal doesn’t pass, the funds will remain safe. However, the incident has revealed that even small attacks can pose a threat to millions in DeFi platforms.
