Make Kitco Your Homepage

Mango Markets gets hacked for $100 million, but the culprit may already have been identified

Kitco News

Editor's Note: With so much market volatility, stay on top of daily news! Get caught up in minutes with our speedy summary of today's must-read news and expert opinions. Sign up here!

(Kitco News) - Hacks in the crypto ecosystem are nothing new, but the latest incident has taken an interesting turn, even by crypto standards.

It all started with an exploit of the Solana-based decentralized finance protocol Mango Markets (MNGO), which saw a hacker manipulate the price data of its native MNGO token that allowed them to take out under-collateralized cryptocurrency loans.

In total, the attacker was able to drain $100 million from the DeFi platform's coffers. At this point, it's unclear how the perpetrator was able to alter the price of MNGO from the perspective of the Mango protocol.

But the story doesn’t end there.

In the hours following the hack, the attacker engaged with the Mango community and sought to create and help pass a proposal that would see the stolen funds returned.

They subsequently used the stolen MNGO tokens to vote on and pass the proposal, leaving little recourse for the Mango Markets community.

Mango confirmed the exploit via a tweet on Tuesday, stating that it was investigating the incident and that it was "taking steps to have third parties freeze funds in flight" and "disabling deposits on the front end as a precaution."

The project later confirmed that it was a manipulation of the price oracle for its MNGO token that enabled the exploit and indicated that deposits would continue to be disabled amid the ongoing investigation.

Crypto sleuths were quick to jump on the case, and it looks as though the culprit may have been identified.

According to former economist Chris Brunet, who runs the Karlstack Crypto substack, the attacker has been identified as Avraham Eisenberg. Brunet claims to be on a private Discord server with Eisenberg, who goes by the username “Vires Creditor and Honest Person.”

Brunet provided a screenshot that shows Eisenberg bragging about “investigating a platform that could maybe lead to a 9 figure payday” and then explaining the logistics of how he planned to pull this off on the “minecraft chain.”

An additional screenshot provided shows $7,500,000 in funds going from the Mango exploiter’s address on Solana, routed through Circle, and deposited on Eisenberg’s ponzishorter.eth ethereum address.

Brunet reached out to Eisenberg in order to give him a chance to respond to or refute the allegations and provided him with a copy of the article for review prior to posting. The official response received did not address the Mango situation and instead discussed Eisenberg’s observations about being able to do a similar exploit on AAVE and Justlend.

“I will leave it up to the reader to decide how credible that is,” Brunet said, adding “To me, this essentially reads as: IF I DID IT…”

Microsoft joins forces with Meta to bring its suite of products to the Metaverse

At the time of writing, there had been no official response from Mango in regard to these allegations. The price of MNGO has fallen 30% from its pre-hack value and currently trades at $0.0275.

Tuesday's exploit of Mango Markets is the second major decentralized finance attack in less than a week following the Oct. 7 hack of Binance’s BNB blockchain, which saw thieves make off with $80 million in funds.

Disclaimer: The views expressed in this article are those of the author and may not reflect those of Kitco Metals Inc. The author has made every effort to ensure accuracy of information provided; however, neither Kitco Metals Inc. nor the author can guarantee such accuracy. This article is strictly for informational purposes only. It is not a solicitation to make any exchange in commodities, securities or other financial instruments. Kitco Metals Inc. and the author of this article do not accept culpability for losses and/ or damages arising from the use of this publication.