Money

Solana-Based Defi Protocol Mango Markets Loses $117 Million in Hack, Exploit Allegedly Revealed in Project’s Discord in March – Bitcoin News


According to various reports, the trading and lending platform based on Solana Mango Markets was hacked because a malicious person was able to extract $117 million from the protocol. An analysis of the hack published by Certik explains that the attacker manipulated the price of the project’s native token (MNGO), allowing them to borrow $117 million against the mined collateral.

Mango Market Hacked for $117 Million, Attack Vector Briefing Blockchain Security Company

On Tuesday, Solana-based Mango Markets platform was hacked for $117 million. The team tweeted about the issue at 7:36 p.m. ET (ET) October 11. “We are currently investigating an incident where a hacker was able to withdraw funds from Mango through a price manipulation. magic”, Mango Market’s Twitter account detail. “We are taking steps to have third parties freeze funds in flight. We will disable deposits on the UI as a precaution and will update you as the situation develops.”

Blockchain security and auditing company Certik summarized the Mango Market hack in an autopsy, and the team explained that the hacker was able to manipulate the mango token (MNGO). “The attacker used two addresses to manipulate the price of MNGO — Mango’s native token and collateral — from $0.038 to as high as $0.91,” Certik explained in a statement. notes sent to Bitcoin.com News. “This allowed them to borrow money against their MNGO$ collateral, which they did for about $117 million, although this number is fluctuating due to the price of the affected tokens. enjoy the reaction to the news.”

Follow to blockchain security company Hacken, the hacker started with about $5 million USDC to accomplish the goals. The official Mango Market Twitter account has confirmed that two accounts sponsored by USDC have taken a large long position in “MNGO-PERP”. “Basic MNGO/USD price on various exchanges (FTX, Ascendex) increased by 5-10x in minutes,” Mango speak. Mango added that no oracle vendor was at fault in the incident. The research team emphasized:

We want to clarify and add mention here that both oracle providers don’t have any errors here. Oracle price report was working as usual.

Meanwhile, blockchain security and auditing firm Certik has revealed that the attack vector is believed to be as early as March 2022. “The flaw here comes from the thin liquidity in the MNGO/USDC market, used as the reference price for the perpetual swap MNGO,” the Certik summary adds. “With just a few million USDC at their disposal, the attacker was able to pump the price of MNGO up to 2,394 percent. This exact attack vector is seems to be raised in Mango’s Discord channel back in March of this year,” concluded after Certik’s autopsy.

Cards in this story

$117 million, attack vector, certik, Certik’s Autopsy, Certik researchers, Cheat, Hacken, trouble, report problem, Mango, Mango Market, Mango’s Discord Channel, MNGO / USDC, oracle price, Oracles, autopsy, Solana, Solana loan application, Solana Trading App, Twitter, Twitter account

What do you think about how to mine Mango Markets? Let us know what you think about this topic in the comments section below.

Jamie Redman

Jamie Redman is the News Lead at Bitcoin.com News and a fintech journalist living in Florida. Redman has been an active member of the crypto community since 2011. He has a passion for Bitcoin, open source, and decentralized applications. Since September 2015, Redman has written over 6,000 articles for Bitcoin.com News about the disruptive protocols emerging today.




Image credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This newspaper only gives true information. It is not a direct offer or solicitation to buy or sell, or a recommendation or endorsement for any product, service or company. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the Company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

kignews

Kig News: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button