Solana-based decentralized finance (DeFi) exchange Mango Markets has been hit with a reported exploit of over $100 million after an attacker manipulated price oracle data, allowing them to take out under-collateralized cryptocurrency loans.
The exploit was first identified by blockchain security firm OtterSec, which tweeted the exchange had been drained of over $100 million due to the attacker manipulating the value of its MNGO native token collateral, then taking out “massive loans” from Mango’s treasury.
It appears the attacker was able to manipulate their Mango collateral. They temporarily spiked up their collateral value, and then took out massive loans from the Mango treasury. — OtterSec (@osec_io) October 11, 2022
The team later confirmed the manipulation of a price oracle — a price data feed of the value of its MNGO token — and stated that it had disabled deposits while it continued investigations of the incident.
We will be disabling deposits on the front end as a precaution, and will keep you updated as the situation evolves. — Mango (@mangomarkets) October 11, 2022
If you have any information, please contact firstname.lastname@example.org to discuss a bounty for the return of funds. 2/
Due to news of the exploit, the price of the platform’s MNGO token has fallen by around 52% in the last 24 hours at the time of writing, according to data from CoinGecko.
The exploiter’s account on the platform shows the three largest withdrawals were for $50 million worth of USD Coin (USDC), over $26.7 million worth of a Solana staking token called Marinade Staked SOL (mSOL), and nearly $24 million worth of Solana’s SOL (SOL).
Over $14.7 million worth of MNGO was withdrawn, and Mango said it’s “taking steps to have third parties freeze funds in flight.”
Meanwhile, the QANplatform blockchain also suffered from an exploit of its own on Oct. 11, with its Ethereum bridge drained of around $1.89 million worth of its native QANX token, according to blockchain security company Beosin. QANplatform said it’s investigating the incident.