The Mango Markets protocol has experienced an exploit that allowed a person or group to get away with around $100m worth of various cryptoassets.
Per a Twitter thread from Mango Markets, the exploit was carried out by a person or group funding an account with the stablecoin USDC, and later taking what was described as an “outsized position” the Mango token perpetual futures market (MNGO-PERP).
Within a few minutes, the price of the MNGO rose by 5x to 10x on a number on external exchanges, which Mango’s price oracles used as its reference for the MNGO-PERP price. The increased unrealized profit on the account then meant that the same user could borrow and withdraw approximately $100m worth of BTC, USDT, SOL, mSOL and USDC, the team said.
The exploit was detected and the Mango Protocol frozen at 02:37 UTC on October 12 to prevent users from taking further actions that could potentially put their funds at risk, the Twitter thread further said.
“As of now any Mango users with deposits on the protocol are not able to withdraw assets; This incident has effectively resulted in a total draining of all equity available,” the team said. It added that the parties behind the exploit “communicated on the Mango DAO,” and that they are “indicating a willingness to negotiate.”
The team further stressed that a key goal now is to make sure Mango users “are made whole” after the incident:
In conclusion, the Mango team made it clear that they intend to seek a solution directly with the group behind the exploit:
“We believe the most constructive way to approach this is to continue communicating with those responsible for the incident and in control of the funds removed from the protocol to attempt to resolve the issues amicably.”
Mango Markets is a
Read more on cryptonews.com