Solana-Based Defi Protocol Mango Markets Loses $117 Million in Hack, Exploit Allegedly Revealed in Project’s Discord in March – Bitcoin News


According to various reports, the Solana-based trading and lending platform Mango Markets was hacked as a malicious actor was able to siphon $117 million from the protocol. An analysis of the hack published by Certik explains that the attacker manipulated the price of the project’s native token mango (MNGO) which allowed them to borrow $117 million against the exploited collateral.

Mango Markets Hacked for $117 Million, Blockchain Security Firm Summarizes the Attack Vector

On Tuesday, the Solana-based Mango Markets platform was hacked for $117 million. The team tweeted about the issue at 7:36 p.m. (ET) on October 11. “We are currently investigating an incident where a hacker was able to drain funds from Mango via an oracle price manipulation,” the Mango Market’s Twitter account detailed. “We are taking steps to have third parties freeze funds in flight. We will be disabling deposits on the front end as a precaution, and will keep you updated as the situation evolves.”

The blockchain security and auditing firm Certik summarized the Mango Market hack in a post mortem and the team explained that the hacker was able to manipulate the token mango (MNGO). “The attacker used two addresses to manipulate the price of MNGO – Mango’s native token and collateral asset – from $0.038 to a peak of $0.91,” Certik explained in a note sent to Bitcoin.com News. “This allowed them to borrow heavily against their $MNGO collateral, which they did so to the tune of approximately $117 million, though this figure is fluctuating due to the prices of affected tokens reacting to the news.”

According to the blockchain security firm Hacken, the hacker started with roughly $5 million in USDC to accomplish the goals. The official Mango Market Twitter account confirmed that two accounts funded with USDC took out a massive long position in “MNGO-PERP.” “Underlying MNGO/USD prices on various exchanges (FTX, Ascendex) experienced a 5-10x price increase in a matter of minutes,” Mango said. Mango further added that no oracle providers were at fault for the incident. The team stressed:

We want to clarify and add mention here that neither oracle providers have any fault here. The oracle price reporting worked as it should have.

Meanwhile, the blockchain security and auditing firm Certik has disclosed that the attack vector was allegedly known as early as March 2022. “The vulnerability here stemmed from the thin liquidity on the MNGO/USDC market, which was used as the price reference for the MNGO perpetual swap,” Certik’s summary adds. “With only a few million USDC at their disposal, the attacker was able to pump the price of MNGO by 2,394%. This exact attack vector was apparently raised in Mango’s Discord channel back in March of this year,” the Certik post-mortem concludes.

Tags in this story
$117 million, attack vector, certik, Certik post mortem, Certik Researchers, Hack, Hacken, incident, incident report, Mango, Mango Markets, Mango’s Discord channel, MNGO/USDC, oracle prices, Oracles, post mortem, Solana, Solana Lending App, Solana Trading app, Twitter, twitter account

What do you think about the Mango Markets exploit? Let us know what you think about this subject in the comments section below.

Jamie Redman

Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 6,000 articles for Bitcoin.com News about the disruptive protocols emerging today.




Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.





Source link

Related articles

rebate administration providers

Producers use rebate packages to drive distributor engagement, improve gross sales quantity, and strengthen channel relationships. Nevertheless, managing rebates manually typically creates challenges associated to calculations, reporting, approvals, and monetary forecasting. Due to...

Why Pragmatism Drives Firms To Take Completely different Paths

Lengthy‑time period Web Zero commitments sometimes framed as emissions reductions aligned with a 2050 timeframe was a fad throughout world corporations up to now decade. It was the de-facto approach to sign advantage...

OPEC+ to lift oil manufacturing by 188,000 bpd in August

(WO) — Seven OPEC+ members have agreed to extend collective oil manufacturing by 188,000 bpd in August, persevering with the gradual rollback of voluntary manufacturing cuts whereas reaffirming their dedication to sustaining market...

Learn how to Begin Foreign exchange Buying and selling with $100

Final up to date: July 5, 2026 · By: Tim Morris, founding father of ForexMt4Indicators.comYou begin foreign currency trading with $100 by treating it as a studying stake, not an earnings engine. Danger...
spot_img

Latest articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

WP2Social Auto Publish Powered By : XYZScripts.com