Mango Markets, a Solana-based decentralized finance (DeFi) exchange with headquarters in California, has reportedly sufferedย a breach of over $100 million. The attacker changed pricing oracle data and enabled getting uncollateralized cryptocurrency loans. Around 22:00 UTC October 11th the ๐ฅญ protocol had an incident involving the following: -2 accounts funded with USDC took an outsized position in MNGO-PERP -Underlying MNGO/USD prices on various exchanges (FTX, Ascendex) experienced a 5-10x price increase in a matter of minutes โ Mango (@mangomarkets) October 12, 2022 OtterSec, a blockchain security company,ย tweetedย that the exchange had lost over $100 million because the hacker misrepresented the price of their Mango (MNGO) native token collateral before taking out huge loans from Mangoโs treasury. It appears the attacker was able to manipulate their Mango collateral. They temporarily spiked up their collateral value, and then took out massive loans from the Mango treasury. pic.twitter.com/2IJrB9RcEJ โ OtterSec (@osec_io) October 11, 2022 Mango Acknowledged And Investigated The Incident In a Tweetย postedย on Tuesday, Mango acknowledged the vulnerability and said it was investigating the incident where a hacker was able to extract funds from Mango through an oracle pricing manipulation. The Mango Markets group urged the attacker to get in touch with them to discuss a bug bounty and advised users not to deposit the money until m...
