The Solana-based decentralized exchange Mango Markets, the DeFi protocol TempleDAO, and the crypto project QANplatform were attacked by cybercriminals.
Blockchain auditors from OtterSec tweeted that the DEX Mango Markets lost about $100 million due to manipulations with the price oracle.
The attacker managed to hijack control of MNGO’s value, the exchange’s native token and then received unsecured credit. According to Mango Markets, the attacker withdrew:
- $53 million in USDC and USDT;
- $24 million in SOL and $27 million in MSOL;
- $15 million in MNGO;
- $5 million in BTC.
Shortly thereafter, the platform team shut down the ability to make deposits and asked the attacker to contact them to discuss a bug bounty. However, the news of the exploit collapsed the value of MNGO. According to CoinGecko, as of October 12, the token’s price has fallen 40% in the past 24 hours.
In parallel, cybercriminals attacked the DeFi protocol TempleDAO. An anonymous Twitter user pointed to a platform hack that resulted in the withdrawal of $2.34 million. BlockSec’s blockchain security experts later reported that the attack was made possible by “the insufficient access control to the migrateStake function.”
The attacker’s account turned out to be linked to the Binance exchange. TempleDAO is already conducting a joint investigation into the incident with the exchange, and together with Hats Finance offered the hacker an increased reward.
Another cyberattack was carried out on the blockchain platform QANplatform. The hackers broke into the offline cross-chain bridge and took out more than $1 million worth of QANX tokens.
The attackers exchanged the stolen QANX for BNB and ETH, then sent them to Tornado Cash, which is under U.S. government sanctions. Shortly after the exploit, the project team suspended withdrawals and token trading on all platforms.
According to CoinGecko, the attack collapsed the price of QANX by over 90% in an hour, but as of October 12 at 13:00 (GMT+3), the project managed to recover about 20% of the value.
The number and scale of crimes in the decentralized finance market are growing. Hackers successfully attacked Brazil’s largest bank, Bitcoin blockchains, and Binance just the other day. Overall, criminals stole over $6.77 billion during the last two years via various DeFi-related protocols.