Hacker Drains $100M from DeFi Platform Mango Markets

  • The attacker was able to manipulate the price of MNGO, which increased the collateral value of his account and allowed him to take out massive loans.
  • The individual has proposed to send back the stolen funds if Mango Markets agrees to pay back bad debt using its remaining USDC and not pursue a criminal investigation.

Solana-based decentralized finance (DeFi) platform Mango Markets has suffered a price manipulation exploit in which the exchange lost more than $100 million, the platform said on Twitter on 12 October.

According to the announcement, a hacker was able to manipulate the price of the exchange’s native token, Mango (MNGO), which allowed him to take out “massive loans” from Mango’s treasury. The team behind the project quickly disabled deposits “as a precaution”, took steps to have “third parties freeze funds in flight”, and asked the attacker to contact them to discuss a bug bounty.

“We are currently investigating an incident where a hacker was able to drain funds from Mango via an oracle price manipulation. We will be disabling deposits on the front end as a precaution, and will keep you updated as the situation evolves.”

The attacker first deposited $5 million in USDC on Mango, which he used to open an outsized long position in MNGO-PERP. The price of the token then jumped substantially in a “matter of minutes”, causing the collateral value of the attacker’s account to increase, and allowing him to take massive debt positions on Mango Markets’ borrowing and lending platform. The account in question has since withdrawn $50 million in USDC, $26.7 million of mSOL, and nearly $24 million worth of SOL.
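
The valuation problem described above can be seen in a simplified risk model. This is an added illustration, not Mango's code: it compares the borrow limit computed from a long position marked at the live oracle price with the limit computed from a price capped against recent oracle observations. The position size, prices, collateral factor, cap and alert threshold are constructed assumptions; only the $5 million deposit comes from the article.

```python
"""Constructed model (not Mango's code): borrowing power from a long position
marked at the live oracle price, versus a capped valuation price."""
from dataclasses import dataclass


@dataclass
class Account:
    cash_usdc: float    # deposited collateral
    perp_size: float    # size of the long position, in tokens (assumed)
    entry_price: float  # average entry price of the long (assumed)


def equity(acct: Account, price: float) -> float:
    """Cash plus unrealized PnL of the long, valued at `price`."""
    return acct.cash_usdc + acct.perp_size * (price - acct.entry_price)


def borrow_limit(acct: Account, price: float, collateral_factor: float = 0.5) -> float:
    """Maximum debt the account may carry at this valuation price."""
    return max(0.0, equity(acct, price)) * collateral_factor


def capped_price(spot: float, recent: list[float], max_dev: float = 0.25) -> float:
    """Price used for borrowing decisions: the spot price, but never more
    than `max_dev` above the average of recent oracle observations."""
    average = sum(recent) / len(recent)
    return min(spot, average * (1 + max_dev))


def price_jump(spot: float, recent: list[float], threshold: float = 0.5) -> bool:
    """Alert condition: spot exceeds the recent average by over `threshold`."""
    return spot > (sum(recent) / len(recent)) * (1 + threshold)


# Constructed sample data; only the 5,000,000 USDC deposit is from the article.
ACCT = Account(cash_usdc=5_000_000, perp_size=40_000_000, entry_price=0.25)
RECENT = [0.25, 0.25, 0.25, 0.25]  # oracle observations before the spike
SPOT = 2.0                         # oracle price after the spike

if __name__ == "__main__":
    naive = borrow_limit(ACCT, SPOT)
    bounded = borrow_limit(ACCT, capped_price(SPOT, RECENT))
    print(f"limit at live oracle price: {naive:,.0f} USDC")
    print(f"limit at capped price:      {bounded:,.0f} USDC")
    print(f"price jump alert:           {price_jump(SPOT, RECENT)}")
```

Because `capped_price` takes the minimum of the two values, a falling price still passes through unchanged, so losses are marked at spot while sudden gains are not immediately borrowable.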

An update from the DeFi platform later indicated Mango’s team was able to contact the involved parties, who showed a “willingness to negotiate”. The platform stated that the best course of action right now would be to “continue communicating with those responsible”, and eventually “resolve the issue amicably”.

The hacker later made a proposal on Mango’s governance platform, requesting that Mango use its remaining $70 million in USDC to repay bad debt within the protocol, with the debt being viewed as a bug bounty. The individual said he would return the stolen funds if the platform also promised not to pursue a criminal investigation or freeze his funds.
