Mango, a DeFi platform running on the Solana blockchain, suffered a $100 million exploit, CoinDesk reported, citing a tweet by blockchain auditors OtterSec. The native token of the protocol, MNGO, saw its value inflated exponentially. The way this happened remains unknown.
At time of publication, the drained funds remained on the Solana blockchain. Binance, Coinbase, Kraken, and other centralized exchanges blacklist offending addresses in such cases. They tend to get involved as the only platforms with sufficient liquidity to cash out such huge amounts.
Robert Chen of OtterSec explained the attack, he said, “The [MGNO] governance token was valued for far more than it should be. With that, [the attacker] was able to take out large loans against it and then drain Mango’s [liquidity] pools.
“It’s like a lending-borrowing race: if you have overvalued collateral, you can then borrow against that collateral, and that’s what they did.”
Mango said it was taking the precaution of disabling deposits on the front end and measures for third parties to “freeze funds in flight.”
Mango is a decentralized cryptocurrency trading platform on the Solana blockchain, which lets its users take out loans and make spot trades. The MNGO token dropped by more than 40% on the news.
This exploit is the second very significant DeFi attack in just several days. Last week, Binance Smart Chain suffered an $80 million hack.