The crypto industry has witnessed another major hack in less than a week, where a hacker has stolen $100 million from Mango Markets.
The trading and lending platform hosted on the Solana blockchain was exploited after manipulation in the price of Mango Market’s native MANGO token via an oracle price manipulation attack.
Mango Markets has confirmed via a tweet that the company is investigating the matter. “We are currently investigating an incident where a hacker was able to drain funds from Mango via an oracle price manipulation. We are taking steps to have third parties freeze funds in flight,” the tweet said.
The company also has disabled deposits as a security measure.
“We will be disabling deposits on the front end as a precaution and will keep you updated as the situation evolves,” Mango Markets tweeted.
The hacker’s wallet was funded from an FTX exchange account.
According to blockchain security firm Hacken’s tweets, the hacker first opened an enormous size futures position, which resulted in MANGO token price pump. That further spiked the hacker’s account collateral value and gave access to borrowing a large debt position across multiple coins on Mango Market’s borrowing and lending platform.
According to Hacken, the hacker was then able to borrow and steal roughly $114 million across various tokens since the price of tokens and their collateral was manipulated much higher.
It is yet to understand how, exactly, the hacker was able to inflate MNGO’s value in the eyes of the Mango protocol, according to Robert Chen from blockchain auditors OtterSec.
The attack caused the price of MANGO tokens to drop around 50%, Mango Markets’ price feed showed.
Mango Markets has contacted the hacker through a statement regarding a bounty for the return of the funds.
The company, a decentralised crypto exchange, offers users the ability to make spot trades and loans.
This exploit was the second major decentralised finance attack in less than a week. The crypto industry witnessed an $80 million hack last week on Binance’s BNB blockchain.
The Binance Coins (BNB) were stolen after an exploit occurred on a bridge between blockchains.
According to Chainalysis, the total revenue for crypto crime in the first half of this year stood at $1.6 billion, less than the figure recorded in the first half of 2021. The drop in crypto crime figures has coincided with a fall in crypto values. However, some forms of crypto-crime have risen in the last year, such as the value of hacked crypto assets has increased from $1.2 billion to $1.9 billion.
While Bloomberg reported that about $2 billion had been lost in crypto hacks this year, many of those hacks were perpetrated by North Korea-linked groups, and cross-chain bridges used to transfer tokens across blockchains have been a popular target.
The Binance hack has shown that even though the Binance ecosystem is among the highest profile, it can still be buffeted.
Image source: Shutterstock