Hacks and exploits in the decentralized finance (DeFi) sector have not slowed during this bear market and Mango Markets has become the latest victim.
The Solana-based DeFi trading platform Mango Markets is the latest victim of a large exploit that has resulted in the loss of as much as $100 million.
In the early hours of Oct. 12, the protocol tweeted that it was investigating an incident where a hacker was able to drain funds by manipulating oracle prices:
A self-funded attack on Mango Markets
DeFi sleuths at blockchain security firm OtterSec broke down the attack confirming that it did not involve a flash loan. The attacker funded an account with $5.5 million in USDC collateral from FTX.
The attacker then created a 480 million MNGO-PERP (perpetual future) position and counter-traded themself on another account. They were able to temporarily manipulate the price of MNGO and drive up the value of their collateral before taking out loans from the Mango treasury.
The surge in price also caused more than 4,000 short liquidations across Mango Markets.
The attack was down to an “economic design flaw,” according to OtterSec founder Robert Chen. Head of derivatives at Genesis Global Trading, Joshua Lim, also broke down the exploit stating that it “effectively wiped out all available liquidity on Mango.”
Assets drained include USDC, MSOL, SOL, BTC, USDT, SRM, and MNGO. Mango Markets has disabled deposits and is taking steps to freeze funds.
The brazen attacker then posted a governance proposal for the Mango DAO to use its $70 million treasury to repay the bad debts. At the time of press, there were almost 33 million votes in favor of the proposal, the majority of which were likely to be spoils from the heist from the attacker themselves.
MNGO tanks 44%
The protocol’s native token has tanked 44% in a fall to $0.022. MNGO spiked to $0.087 during the price manipulation attack and slumped when the collateral was drained. MNGO is currently down 95% from its September 2021 all-time high.
This is just the latest saga to hit the Solana ecosystem, which has been plagued with network outages, malware attacks, and a tanking token value.
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.