More than $100 million was stolen from the decentralized finance (DeFi) platform Mango, which is built on the Solana blockchain. On their official Twitter, the platform said that they were looking into the matter and were taking measures to have third parties freeze payments in transit.
OtterSec, a service that does blockchain audits, stated that it looks like the attacker was able to modify the Mango collateral of the website. They first made a momentary increase in the value of their collateral, and then they obtained enormous loans from the Mango corporation’s coffers.
The breach—which occurred on Tuesday—was the second big assault on decentralized finance in less than a week. It came on the heels of a theft that occurred the previous week on Binance’s BNB blockchain that stole $80 million.
Binance‘s founder and CEO, Changpeng Zhao, often known as “CZ,” issued a warning to users through Twitter, saying:
“A lot of hacks in DeFi these days. Manage your risks. Think about worst-case scenarios. Don’t put all your eggs in one basket.”
According to a person on Twitter who goes by the handle ChenWainuo, the attacker received funding of 5.5 million through the FTX exchange. OtterSec explained that the MGNO governance token was being sold at a price that was far higher than it should be.
It would seem that the attacker was able to use it to their advantage by taking out huge loans against it and then depleting Mango’s liquidity pools. It’s kind of like a race between lending and borrowing: if you have collateral that’s been overvalued, you can borrow against it, and that’s what they did, according to OtterSec. It’s like a race.