Even during the current bear market, cyberattacks and vulns in the decentralized finance (DeFi) industry have not decreased. Mango Markets, a DeFi trading platform in Solana, has become the most recent victim.
This most recent victimization is a significant hacking that has cost as much as $100 million.
The protocol tweeted in the early hours of October 12 that it looked into a case where a hacker successfully siphoned off the money by manipulating oracle prices.
DeFi investigators at the blockchain security company OtterSec dissected the hacking and determined that a flash loan was not involved. USDC collateral from FTX totaling $5.5 million was used to fund the hacker’s account.
The hacker then opened a position worth 480 million MNGO-PERP (perpetual future) and engaged in counter-trading on a different account. Before obtaining loans from the Mango Treasury, they temporarily manipulated the price of MNGO and raised the value of their collateral.
More than 4,000 short liquidations occurred across Mango Markets due to the price increase.
OtterSec founder Robert Chen attributed the cyber attack to an “economic design flaw.” Joshua Lim, the head of derivatives at Genesis Global Trading, described the flaw and said it “effectively wiped out all available liquidity on Mango.”
USDC, MSOL, SOL, BTC, USDT, SRM, and MNGO are the depleted assets. Mango Markets is forging ahead to freeze funds and has disabled deposits.
The brash attacker published a governance proposal for the Mango DAO to use its $70 million treasury to pay off the bad debts. Nearly 33 million votes had been cast in favor of the proposal at the time of publication, most of which were probably loot taken in the heist by the assailant.
On October 12, news of yet another DeFi hacking on TempleDAO, which suffered a $2 million loss, also emerged. A week has passed since the well-publicized attack on BNB Chain in the same domain.
The native token of the protocol has plunged 44% to $0.022. During the price manipulation attack, MNGO surged to $0.087 before falling when the collateral was exhausted. MNGO was currently 95% below its peak in September 2021.
The Solana ecosystem has been troubled by network outages, malware attacks, and a falling token value; this is just the most recent saga to affect it.