Solana-Based Mango Protocol Suffers $100M+ Exploit
Mango Markets was victim to the latest exploit this week, as crypto cannot seem to escape an absolutely abhorrent Tuesday. Two exploits less than one day apart – and less than a week after the BNB Chain exploit that utilized a bridge to create millions of new BNB. Another nine-figure exploit has rocked the crypto sphere, this time with Solana-based Mango Markets. The protocol faced a massive drain of funds, over $100M worth, after a hacker drained the project through price manipulation and high-dollar leverage.
Let’s look at this latest exploit and what we know in the early hours.
The Price, Plus Pressure
We’re fresh off the heels of a massive, six-figure exploit of Binance Bridge that resulted in newly minted tokens in the range of $500M in value. While not as high-dollar, news of another million dollar vulnerability in Ethereum-based Temple DAO is less than a day old. The combination with now this latest trio in October alone rings another stark reminder how much of a vital issue both smart contract security and risk management are in this space. The Mango Markets lending protocol was one of the top five largest in TVL on the Solana blockchain, according to data from DefiLlama.
Mango Counters, Offers Bounty
Mango Markets has advised users not to deposit into the protocol following the exploit, and has asked the hacker to get in contact regarding a bug bounty. Critics have emerged with Discord screenshots from earlier this year that show channel moderators acknowledging concerns about exactly what seemed to have led to Mango’s downfall: massive futures bets against themselves and price manipulation, effectively taking advantage of a low-volume trading token.
Meanwhile, in their initial response, Mango has described the action as “oracle price manipulation.”Source