The case grows more interesting as the exploiter has now suggested a governance proposal that will approximately give them $70 million in the form of a bounty reward.
In another case of a cyber heist, the decentralized finance platform Mango Markets based on the Solana blockchain was drained of funds of over $100 million. The attack was originally revealed on Twitter by Blockchain auditors OtterSec, who claimed that the attacker could manipulate their Mango collateral.
Explaining how the exploit took place, OtterSec’s Robert Chen said that since the MGNO governance token was priced way more than it should be, the attacker took out massive loans against Mango’s liquidity pools. Similar to a lending-borrowing game, the overestimated collateral was used to borrow against. However, Chen is still unsure how the attacker was able to raise MGNO’s value in front of the Mango protocol.
But that’s not it. The case grows more interesting as the exploiter has now suggested a governance proposal that will approximately give them $70 million in the form of a bounty reward. According to the proposal, the attacker will return several tokens estimated at $50 million. The return of those funds is based on the Mango Markets leveraging its $70 million USDC treasury to settle all users without the chance of bad debt. If the proposal passes, the attacker would be allowed to retain the remaining capital.
For now, voting on the governance proposal is live and concludes on October 14th at 9:12 pm EST. The exploit has also utilized its stolen MANGO token (which is approximately 0.66% of the total supply) to vote yes on the proposal.
Mango acknowledged the heist on Tuesday, claiming that it was examining an event where a hacker was able to utilize the funds from Mango through Oracle price manipulation.
The depleted funds are for now still on the Solana blockchain. As a result of this episode, centralized exchanges like Coinbase, Binance, and Kraken, which have enough liquidity to be able to cash out large sums of funds, have blacklisted suspicious addresses.
In the original announcement, Mango Markets said that the company has been taking measures to have third parties freeze funds in flight and disallowing deposits on the front end as a cautionary activity.
The price of the MANGO token has fallen to fifty percent as a consequence of this episode. Mango is a decentralized crypto exchange on the Solana Blockchain that provides users the opportunity to create spot trades and loans.
The exploit that took place on Tuesday was the second major Decentralized Finance (DeFi) attack just days after Binance‘s BNB Chain suffered an $80 million hack.
Sanaa is a chemistry major and a Blockchain enthusiast. As a science student, her research skills enable her to understand the intricacies of Financial Markets. She believes that Blockchain technology has the potential to revolutionize every industry in the world.