Mango Markets Exploiter Seeks to Keep $47M “Bug Bounty”

  • The person responsible for the Mango Market exploit, Avraham Eisenberg, has objected to Mango Labs’ lawsuit by claiming he had already settled with the DAO.
  • Mango Labs claimed last month that the settlement with the DAO was made “under duress”, and that he should return the $47 million “bug bounty”.


The person responsible for the exploit of decentralized finance (DeFi) protocol Mango Markets, Avraham Eisenberg, is trying to keep a portion of the funds he got from the platform.

According to documents filed with the New York District Court on 15 February, Eisenberg is objecting to a lawsuit from Mango Labs — which represents Mango’s decentralized autonomous organization (DAO) — that is asking for the remaining $47 million from the October attack. His attorneys have argued that he does not need to return these funds as Eisenberg had already reached a settlement agreement with the Mango DAO back in October.

Mango Labs filed a lawsuit against Eisenberg last month, claiming fraudulent misrepresentation and unjust enrichment. The firm further claimed that the settlement between the Mango DAO and Eisenberg — which allowed him to keep $47 million out of the $114 million exploited from the platform as “bug bounty” — should be voided as it was made “under duress”, and that Eisenberg “was not engaged in lawful bargaining”.

Attorneys for Eisenberg argued, however, that the “under duress” claim should be discarded as Mango Labs failed to provide evidence “in support of this theory”. They also pointed out that the agreed upon settlement was the second proposal presented, and that the first proposal was rejected by the Mango DAO.

This is not the only lawsuit Eisenberg is facing regarding his exploit of Mango Markets. He was arrested in Puerto Rico by the U.S. Department of Justice on 27 December, and was charged with one count of commodities fraud and one count of commodities manipulation. The U.S. Commodity Futures Trading Commission (CFTC) later filed a lawsuit against the individual, alleging he violated federal laws by “engaging in a manipulative and deceptive scheme” to manipulate the price of swaps offered by Mango Markets.

Related Coverage
Euler Finance Gives $200M Exploiter an Ultimatum
  • DeFi lending protocol Euler Finance has given the exploiter 24 hours to return 90% of the $197 million he stole in a flash-loan attack on Monday.
  • If the funds were not returned in time, the protocol is ready to post a $1 million bounty on any information that could lead to the arrest of the attacker.
March 15, 2023, 12:14 PM


Euler Finance Exploited for $197M in Flash Loan Attack
  • The attacker carried out multiple transactions to steal 85,818 staked ether (stETH), 34.5 million USDC, 849 wrapped Bitcoin (WBTC), and 8.9 million DAI.
  • Euler Finance is now working with security professionals and law enforcement trying to rectify the situation, and will provide more information in the near future.
DeFi Protocol Exploited by Alleged White Hat Hacker
  • DeFi lender has paused all borrowing while investigating an exploit which saw an attacker borrow $1.6 million worth of assets using only 1 GMX token.
  • The attacker, however, appears to be a white hat hacker who the platform has already contacted in order to remedy the situation.