Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Mango, the Solana ecological decentralized financial platform, tweeted: “A hacker is currently investigating an incident in which a hacker extracted funds from Mango through price manipulation through oracle machines.” According to a detailed report, the protocol was encountered at approximately 6:00 on October 12, Beijing time. Attack, 2 accounts funded by USDC held excessive positions in MNGO-ERP, the underlying price of MNGO/USD on various exchanges (FTX, Ascendex) saw a 5-10 times price increase within a few minutes, Caused Switchboard and Pyth oracles to update their MNGO benchmark prices above $0.15, further causing unrealized profits to increase account value to market long MNGO-ERP, allowing accounts to borrow and withdraw BTC from the Mango protocol (sollet) , USDT, SOL, mSOL, USDC, which made the loan amount of the equivalent deposit of USD 190 million on the platform reached the maximum value, and the net value withdrawn from the account at that time was about USD 100 million. Attack method (per SlowMist): Flash Loan Attack. Reported loss: $ 100,000,000.
- chain
- solana
- protocol
- Mango
- bug_class
- oracle
- date_occurred
- 2022-10-12
- loss_usd
- $100,000,000
- source_id
- sm:mango::2022-10-12