Moonwell hit by $1.78M exploit as AI vibe coding debate reaches DeFi

• Moonwell hit by $1.78M exploit as AI vibe coding debate reaches DeFi The exploit saw the Moonwell protocol exploited for $1.78 million after cbETH was mispriced at $1.12 instead of about $2,200, intensifying debate around AI-co-authored smart contracts. • Cointelegraph in your social feed Moonwell, a decentralized finance (DeFi) lending protocol deployed on Base and Optimism, was exploited for about $1.78 million after a pricing oracle for Coinbase Wrapped Staked ETH (cbETH) returned a value of about $1.12 instead of $2,200, creating a mispricing that attackers were able to use for profit. • Moonwellsaidin an incident post-mortem that a governance proposal executed on Sunday misconfigured the cbETH oracle by using the cbETH/ETH exchange rate alone, causing the system to report cbETH at about $1.12. • The protocol said liquidation bots and opportunistic borrowers exploited the mispricing, leaving roughly $1.78 million in bad debt. • Thepull requestsfor the affected contracts show multiple commits co-authored by Anthropic’s Claude Opus 4.6, prompting security auditor Pashov to publiclyflagthe incident as an example of artificial intelligence-written or AI-assisted Solidity backfiring. • Speaking to Cointelegraph about the incident, he said that he had linked the case to Claude because there were multiple commits in the pull requests that were co-authored by Claude, meaning that “the developer was using Claude to write the code, and this has led to the vulnerability.” Pashov cautioned, however, against treating the flaw as uniquely AI-driven.

Sources:

• https://cointelegraph.com/news/moonwell-exploit-cbeth-oracle-misprice-ai-commits-testing-audits?utm_source=rss_feed&utm_medium=rss&utm_campaign=rss_partner_inbound