Editor’s Note: With such volatility in the markets, stay up to date with daily news! Get our quick roundup of today’s must-see news and expert opinion in minutes. Register here!
(Kitco News) – Hacks in the crypto ecosystem are nothing new, but the latest incident took an interesting turn, even by crypto standards.
It all started with an exploit by Solana-based decentralized finance protocol Mango Markets (MNGO), which saw a hacker manipulate the price data of its native MNGO token, which allowed them to take out cryptocurrency loans under -guaranteed.
In total, the attacker was able to draw 0 million from the vaults of the DeFi platform. At this point, it is unclear how the author was able to change the price of MNGO from the perspective of the Mango protocol.
But the story does not end there.
Within hours of the hack, the attacker engaged with the Mango community and sought to create and push through a proposal that would recover the stolen funds.
So just to recap @mangomarkets situation:
-Hacker exploits Mango for over $100 million
-Hacker turns around and offers to return most of the funds, if DAO promises not to pursue criminal investigations
-Hackers use 32 million votes of the exploit to vote “Yes”
LMFAO you can’t make this shit up! pic.twitter.com/LsdafMS7vQ
— Alex Valaitis (@alex_valaitis) October 12, 2022
They then used the stolen MNGO tokens to vote and pass the proposal, leaving little recourse for the Mango Markets community.
Mango confirmed the exploit via a Tweeter Tuesday, saying it was investigating the incident and was “taking steps to have third parties freeze in-flight funds” and “disabling forward deposits as a precaution.”
The project later confirmed that it was price oracle manipulation of its MNGO token that enabled the exploit and said deposits would continue to be disabled during the ongoing investigation. Classes.
Crypto sleuths were quick to jump on the case, and it appears the culprit has been identified.
According to former economist Chris Brunet, who runs the Karlstack Crypto sub-stack, the assailant was identified as Avraham Eisenberg. Brunet claims to be on a private Discord server with Eisenberg, which is called “Vires Creditor and Honest Person”.
Brunet provided a screenshot that shows Eisenberg bragging about “investigating a platform that could possibly lead to a 9-figure salary” and then explaining the logistics of how he planned to pull this off. on the “minecraft channel”.
An additional screenshot provided shows $7,500,000 in funds from Mango’s exploiter address on Solana, routed through Circle and deposited to Eisenberg’s ponzishorter.eth ethereum address.
Brunet contacted Eisenberg to give him a chance to respond or refute the allegations and provided him with a copy of the article for review before publication. The official response received did not address the Mango situation and instead discussed Eisenberg’s observations on the possibility of doing a similar exploit on AAVE and Justlend.
“I’ll leave it up to the reader to decide how believable this is,” Brunet said, adding “To me it basically reads: IF I DID IT…”
As of this writing, there has been no official response from Mango regarding these allegations. MNGO’s price has fallen 30% from its pre-hack value and is currently trading at $0.0275.
Tuesday’s Mango Markets exploit is the second major decentralized finance attack in less than a week following the Oct. 7 hack of Binance’s BNB blockchain, which saw thieves get away with $80 million in funds.
Disclaimer: The opinions expressed in this article are those of the author and may not reflect those of Kitco Metals Inc. The author has made every effort to ensure the accuracy of the information provided; however, neither Kitco Metals Inc. nor the author can guarantee such accuracy. This article is strictly for informational purposes only. This is not a solicitation to trade commodities, securities or other financial instruments. Kitco Metals Inc. and the author of this article accept no responsibility for loss and/or damage resulting from the use of this publication.