The Mango protocol reported an exploit on its network, which took place at 22:00 UTC on the 11th of October, 2022. The exploit involved an outsized position in MNGO-PERP taken by 2 accounts funded with USDC and a 5-10x price increase for MNGO/USD on exchanges (FTX and Ascendex) in minutes.
The exploit led to Switchboard and Pyth oracles updating their MNGO benchmark price to $0.15+, Mango said. The MNGO-PERP account that was long had a mark-to-market increased value from the unrealized profit; thereafter, the account borrowed and withdrew BTC (sollet), USDT, SOL, mSOL, and USDC out of the Mango protocol. This action stepped the available borrows to the maximum out of the $190Million deposits on the platform.
According to Mango, “The net value extracted by the account was around $100 million equivalent at the time,”.
Mango has taken a forward step to freeze the Mango program instructions to prevent users from interacting with the protocol, like depositing more funds that may not be retrievable. The Mango platform reported that this action occurred at 02:37 UTC on October 12th.
Following the exploit, Mango users are unable to withdraw assets. “This incident has effectively resulted in a total draining of all equity available,” Mango added.
The Mango protocol hackers, however, communicated on the Mango DAO for negotiation. In line with the negotiation, the protocol said, “we believe the most constructive way to approach this is to continue communicating with those responsible for the incident and in control of the funds removed from the protocol to attempt to resolve the issues amicably.”
According to Coinmarketcap price data on the Mango token, MNGO was down over 40% following the attack. The Mango protocol exploit was the second major network attack in less than a week, after the BNB chain hack.
What do you think of this article? Share your comments below.