Solana-Based Mango Protocol Suffers $100M+ Exploit
2 min readMango Markets was victim to the latest exploit this week, as crypto cannot seem to escape an absolutely abhorrent Tuesday. Two exploits less than one day apart – and less than a week after the BNB Chain exploit that utilized a bridge to create millions of new BNB. Another nine-figure exploit has rocked the crypto sphere, this time with Solana-based Mango Markets. The protocol faced a massive drain of funds, over $100M worth, after a hacker drained the project through price manipulation and high-dollar leverage.
Let’s look at this latest exploit and what we know in the early hours.
The Price, Plus Pressure
We’re fresh off the heels of a massive, six-figure exploit of Binance Bridge that resulted in newly minted tokens in the range of $500M in value. While not as high-dollar, news of another million dollar vulnerability in Ethereum-based Temple DAO is less than a day old. The combination with now this latest trio in October alone rings another stark reminder how much of a vital issue both smart contract security and risk management are in this space. The Mango Markets lending protocol was one of the top five largest in TVL on the Solana blockchain, according to data from DefiLlama.
Mango Markets (MNGO) protocol was practically drained on Tuesday following an exploit. | Source: MNGO-USD on TradingView.com
Mango Counters, Offers Bounty
Mango Markets has advised users not to deposit into the protocol following the exploit, and has asked the hacker to get in contact regarding a bug bounty. Critics have emerged with Discord screenshots from earlier this year that show channel moderators acknowledging concerns about exactly what seemed to have led to Mango’s downfall: massive futures bets against themselves and price manipulation, effectively taking advantage of a low-volume trading token.
Meanwhile, in their initial response, Mango has described the action as “oracle price manipulation.”
Featured image from Pixabay, Charts from TradingView.com The writer of this content is not associated or affiliated with any of the parties mentioned in this article. This is not financial advice.
This op-ed represents the views of the author, and may not necessarily reflect the views of Bitcoinist. Bitcoinist is an advocate of creative and financial freedom alike.