{"id":506381,"date":"2022-11-03T16:41:16","date_gmt":"2022-11-03T13:41:16","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/how-low-liquidity-led-to-mango-markets-losing-over-116-million\/"},"modified":"2022-11-03T16:41:16","modified_gmt":"2022-11-03T13:41:16","slug":"how-low-liquidity-led-to-mango-markets-losing-over-116-million","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/how-low-liquidity-led-to-mango-markets-losing-over-116-million\/","title":{"rendered":"# How low liquidity led to Mango Markets losing over $116 million"},"content":{"rendered":"<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_How_low_liquidity_led_to_Mango_Markets_losing_over_116_million_%E2%80%9C\"><\/span>&#8221; How low liquidity led to Mango Markets losing over $116 million  &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvNzUwMzllM2QtNjU3ZS00NWI1LTk3MWUtMjU1ZWNlZTEzNDk0LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-4b69a2fe>It would seem that the hackers used an \u201coracle price manipulation\u201d tactic in the exploit on the Solana-based DeFi network, as <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/mangomarkets\/status\/1579979342423396352\">indicated by a tweet<\/a> 
sent by the official account for the Mango cryptocurrency exchange.<\/p>\n<p>In mid-October, traders took advantage of a vulnerability in the decentralized finance (DeFi) trading platform Mango Markets and stole more than $110 million worth of cryptocurrencies from the network.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We are currently investigating an incident where a hacker was able to drain funds from Mango via an oracle price manipulation. <\/p>\n<p>We are taking steps to have third parties freeze funds in flight. 1\/<\/p>\n<p>\u2014 Mango (@mangomarkets) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/mangomarkets\/status\/1579979342423396352?ref_src=twsrc%5Etfw\">October 11, 2022<\/a><\/p><\/blockquote>\n<p>A further thread on Twitter <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/joshua_j_lim\/status\/1579987648546246658?s=20&amp;t=2jQ0K0BoVCZbyqV5bvsQZw&amp;\">provided<\/a> a detailed breakdown of how the incident transpired. The attacker began by funding an account on the site with $5 million in USD Coin (USDC), which was used to purchase 483 units of perpetual contracts in the Mango (MNGO) token, the platform\u2019s native cryptocurrency.<\/p>\n<p>The attacker used this technique to drive up the price of MNGO from $0.03 to $0.91, increasing the value of their MNGO holdings to $423 million.<\/p>\n<p>The funds were then used to acquire a loan for $116 million using several tokens on the platform, such as Bitcoin (BTC), Solana (SOL) and Serum (SRM). 
Unfortunately, the loan eliminated all of the liquidity in Mango Markets, which resulted in a steep drop in the price of MNGO to $0.02.<\/p>\n<p>The development team for Mango Markets subsequently said that it was looking into what occurred and had opened an inquiry. The protocol announced the news to its users through its social media channels, stating that it had temporarily halted deposits while it investigated further. Additionally, the team informed users that they should refrain from depositing funds into the site until the ability to do so had been disabled.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"How_Mango_Markets_was_exploited\"><\/span>How Mango Markets was exploited<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The attacker was able to manipulate the MNGO token price, driving it up 30 times in a short amount of time, by taking out enormous perpetual contracts. This works where market liquidity is limited: huge purchase orders artificially inflate a token\u2019s price, and new investors then serve as exit liquidity for cashing out. This is the same strategy that is employed in pump-and-dump scams.<\/p>\n<p>However, this kind of exploit is difficult to carry out when there is a very large quantity of liquidity, since the amount of cash required to manipulate the price would be much higher. Since new or relatively unknown tokens often have very little liquidity, pump-and-dump schemes are more common with such tokens.<\/p>\n<p>Mango Markets would have been able to protect itself from this exploit if it had enough liquidity. 
The use of an automated market maker (AMM) is one strategy that Mango Markets may have utilized to boost its level of liquidity. Automated market makers are computer programs that decide the price of a token by collecting liquidity from users and employing various mathematical formulas.<\/p>\n<p>Ben Roth, co-founder and chief information officer of Auros \u2014 an algorithmic market-making firm \u2014 told Cointelegraph: <\/p>\n<blockquote><p>\u201cAdverse trading behavior is a by-product of illiquid market conditions. Therefore, when \u2018bad actors\u2019 are able to construct an attack vector that has a high degree of certainty due to low liquidity, the incentive to undertake these sorts of \u2018exploits\u2019 rises.\u201d\u00a0<\/p><\/blockquote>\n<p>\u201cWhen working with an algorithmic market-maker, token issuers simultaneously disincentivize this adverse behavior while building confidence in the consistency of liquidity during a variety of market conditions,\u201d he added.<\/p>\n<p>Large tokenholders, also known as liquidity providers (LPs), are responsible for the operation of AMMs. LPs are responsible for introducing equal quantities of token pairings (such as MNGO\/USDC) into pools. This makes it possible for decentralized exchanges to outsource their liquidity while still providing the LPs with compensation in the form of a share of the trading fees collected on the platform.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"After_the_exploit\"><\/span>After the exploit<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>One day after the exploit on Mango Markets, the perpetrator made a suggestion via the decentralized autonomous organization (DAO) that was part of the platform. 
The attacker suggested that the Mango DAO pay off any outstanding debts with its $70 million treasury instead of using the attacker\u2019s funds.<\/p>\n<p>The deal stated that the Mango DAO team should use the funds from their treasury to make up for any outstanding financial obligations. After that, the cybercriminal would send the stolen tokens to an address provided by the group responsible for the Mango DAO.<\/p>\n<p>By voting with millions of tokens taken during the exploit, the hacker appeared to support this idea, which is another kind of manipulation. Additionally, the perpetrator of the incident asked that no criminal proceedings be opened against them if the petition was approved.<\/p>\n<p>Eventually, the Mango Markets community agreed to let the attacker keep a large portion of the tokens as a \u201cbug bounty.\u201d The terms are part of a deal that will see the return of $67 million worth of stolen tokens, with the attacker keeping the remaining $47 million out of the $117 million taken.<\/p>\n<p>The deal was reached via a vote in the Mango DAO, with 98% of voters (or 291 million tokens) voting in favor. The proposal included Mango Markets not pursuing legal charges against the hacker.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Attacker_reveals_their_identity\"><\/span>Attacker reveals their identity<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The attacker behind the exploit later came forward to reveal their identity. 
Avraham Eisenberg <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/avi_eisen\/status\/1581326197241180160?s=20&amp;t=Q4wo2HxfFeeTBzhDdX7V-Q\">announced<\/a> on Twitter that he was \u201cinvolved with a team that operated a highly profitable trading strategy last week,\u201d i.e., those responsible for the $100 million attack perpetrated on Mango Markets.\u00a0<\/p>\n<p>Eisenberg continued to say, \u201cI believe all of our actions were legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they are.\u201d<\/p>\n<p>He pointed out that as a consequence of the exploit, Mango Markets fell bankrupt, and he also said that the insurance money was not enough to pay all the liquidations that occurred. Because of this, more than one hundred million dollars worth of user cash was lost.<\/p>\n<p>However, Eisenberg claimed that he \u201chelped negotiate a settlement agreement with the insurance fund,\u201d to make all users whole again while recapitalizing the exchange. Eisenberg finished his Twitter thread by saying, \u201cAs a result of this agreement, once the Mango team finishes processing, all users will be able to access their deposits in full with no loss of funds.\u201d<\/p>\n<p>Eisenberg continues to claim that his actions were legal, being similar to automatic deleveraging on cryptocurrency exchanges. 
Automatic deleveraging is a process where exchanges use a portion of the profits earned from successful traders to cover losses due to other traders that have been liquidated.<\/p>\n<p>However, Michael Bacina, partner at Australian law firm Piper Alderman, previously told Cointelegraph, \u201cIf this had occurred in a regulated financial market, it would be likely seen as market manipulation.\u201d<\/p>\n<p>While users could still theoretically pursue legal action against Eisenberg, Bacina said it is not commercially viable, stating:<\/p>\n<blockquote><p>\u201cAssuming claims survive the proposal, any claims would still need to be reduced by any amounts which had been received by a member as a result of the proposal, which may mean many members have limited commercial incentive to sue Mr. Eisenberg.\u201d<\/p><\/blockquote>\n<p>Going ahead, it will be interesting to see how DeFi protocols can better secure their protocols, either with AMMs to stop these types of exploits in the first place or through subsequent legal action.\u00a0<\/p>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/how-low-liquidity-led-to-mango-markets-losing-over-116-million\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; How low liquidity led to Mango Markets losing over $116 million &#8220; It would seem that the hackers used an \u201coracle price manipulation\u201d tactic in the exploit on the Solana-based DeFi network, as indicated by a tweet sent by the official account for the Mango cryptocurrency exchange. 
In mid-October, traders took advantage of a&#8230;<\/p>\n","protected":false},"author":1,"featured_media":506382,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvNzUwMzllM2QtNjU3ZS00NWI1LTk3MWUtMjU1ZWNlZTEzNDk0LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74868,74882,74892,117,70944,4965,71407],"class_list":["post-506381","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-defi","tag-hacks","tag-tokens","tag-business","tag-hackers","tag-technology","tag-trading"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/506381","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=506381"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/506381\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/506382"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=506381"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=506381"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=506381"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}