{"id":514188,"date":"2022-11-22T19:30:00","date_gmt":"2022-11-22T16:30:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/mango-markets-hacker-allegedly-feigns-curve-short-attack-to-exploit-aave\/"},"modified":"2022-11-22T19:30:00","modified_gmt":"2022-11-22T16:30:00","slug":"mango-markets-hacker-allegedly-feigns-curve-short-attack-to-exploit-aave","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/mango-markets-hacker-allegedly-feigns-curve-short-attack-to-exploit-aave\/","title":{"rendered":"# Mango Markets hacker allegedly feigns Curve short attack to exploit Aave"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2eaa47300e3\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2eaa47300e3\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/mango-markets-hacker-allegedly-feigns-curve-short-attack-to-exploit-aave\/#%E2%80%9D_Mango_Markets_hacker_allegedly_feigns_Curve_short_attack_to_exploit_Aave_%E2%80%9C\" >&#8221; Mango Markets hacker allegedly feigns Curve short attack to exploit Aave  &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Mango_Markets_hacker_allegedly_feigns_Curve_short_attack_to_exploit_Aave_%E2%80%9C\"><\/span>&#8221; Mango Markets hacker allegedly feigns Curve short attack to exploit Aave  &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTEvZTIxZTFlMWYtNDM4Yy00ZmU0LTgzOTEtMjI0YjA1OGQ1ZmE4LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-5129e2ea>As described by analysts at Lookonchain on Nov. 22, tokens of decentralized exchange Curve Finance (CRV) <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ear to have suffered a major <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/lookonchain\/status\/1595022256018702339\">short-seller attack<\/a>. According to Lookonchain, ponzishorter.eth, an address associated with Mango Markets exploiter Avraham Eisenberg, first swapped 40 million USD Coin (USDC) on Nov. 13 into decentralized finance protocol Aave to borrow CRV for selling.\u00a0<\/p>\n<p>The act allegedly sent the price of CRV falling from $0.625 to $0.464 during the week. Fast forward to today, blockchain data shows that ponzishorter.eth borrowed a further 30 million CRV ($14.85 million) through two transactions and transferred them to OKEx for selling. The team at Lookonchain hypothesized that the trade was conducted to drive down the token price &#8220;so many people who used CRV as collateral will face liquidation.&#8221;<\/p>\n<p>In response to the heavy selling activity, a wallet associated with Curve&#8217;s founder added 20 million more CRV in collateral. On Aave, the wallet addresses&#8217; health factor was 1.65 at the time of publication, indicating an excess of collateral against borrowed assets.<\/p>\n<p>But as\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ArkhamIntel\/status\/1595041058752147456\">told<\/a> by blockchain analytics firm Arkham, the trades &#8220;may simply be bait,&#8221; with Aave being the primary target instead. Arkham claims that Eisenberg built up an over $100 million position on Aave for a sophisticated trading scheme.\u00a0<\/p>\n<p>It first involves a distraction short of CRV tokens on Aave, which is illiquid on the platform but also has very low margin requirements, both of which are important factors for the exploit. The ensuing attention would prompt users to buy the dip en mass to defend the price of CRV and, for others, to try to squeeze the short-seller to cover their position for a loss.<\/p>\n<p>However, the real conspiracy appears to be exploiting the possibility that Aave cannot cover Eisenberg&#8217;s CRV short positions, as the platform allegedly does not have enough liquidity to buy back more than 20% of the short. This would then favor bets against Aave and the price decline of its native token:<\/p>\n<blockquote><p>&#8220;The real target here was AAVE&#8217;s vulnerable looping system, which Avi mentioned last month. Using $40 million to borrow almost $50 million of CRV could leave AAVE with severe bad debt.&#8221;<\/p><\/blockquote>\n<p>&#8220;To liquidate Avi&#8217;s position, Aave liquidators will have no way to buy back all the CRV he borrowed. AAVE will have to sell significant amounts of tokens from the safety module to cover this loss,&#8221; wrote Arkham. A screenshot of a swap quote provided by the firm shows an 89.8% potential swap impact between USDT and CRV for the estimated $100M position.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">he put in a fuck ton of usdc. can borrow at 90% ltv<\/p>\n<p>borrowed heaps of <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24CRV&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$CRV<\/a>. psyop short.<\/p>\n<p>pump curve ridiculously.<\/p>\n<p>aave has to liquidate the &#8220;usdc&#8221; and buy back enormous amounts of <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24CRV&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$CRV<\/a>, literally 50-100% slippage on orders of that size<\/p>\n<p>\u2014 Fraxgener 200x (@napgener) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/napgener\/status\/1594898794256146432?ref_src=twsrc%5Etfw\">November 22, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>At the time of publication, CRV is up 15.47% to $0.5742 in the past 24 hours, while the price of Aave has declined by 6.33% to $53.54 during the same period. On Oct. 11, Eisenberg drained $117 million from the Mango Markets protocol and kept $47 million as bug bounty before returning the rest, calling it a &#8220;highly profitable trading strategy.&#8221;<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/mango-markets-hacker-allegedly-feigns-curve-short-attack-to-exploit-aave\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Mango Markets hacker allegedly feigns Curve short attack to exploit Aave &#8220; As described by analysts at Lookonchain on Nov. 22, tokens of decentralized exchange Curve Finance (CRV) appear to have suffered a major short-seller attack. According to Lookonchain, ponzishorter.eth, an address associated with Mango Markets exploiter Avraham Eisenberg, first swapped 40 million USD&#8230;<\/p>\n","protected":false},"author":1,"featured_media":514189,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTEvZTIxZTFlMWYtNDM4Yy00ZmU0LTgzOTEtMjI0YjA1OGQ1ZmE4LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[92664,74894,74863,133012,74868,4965],"class_list":["post-514188","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-aave","tag-blockchain","tag-cryptocurrencies","tag-curve-finance","tag-defi","tag-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/514188","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=514188"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/514188\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/514189"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=514188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=514188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=514188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}