Mango Markets, decentralized finance (defi) platform built on the Solana blockchain, was hacked last night and lost $100 million in user funds. Mango Markets reported that hackers had exploited a vulnerability in its “flash loan” system to drain funds overnight, causing it to permanently close its doors.
Flash loans allow a user to borrow funds immediately against their account and repay the loan within one transaction block. The Mango Markets incident is believed to be the second flash loan hacking attack in recent weeks, after an unknown attacker on the Ethereum network stole $37 million from Acropolis using a flash loan hack. According to data analysis shared by Solana token tracker Sollet.io this morning, roughly $100 million worth of assets were drained from the Mango Market protocol during the exploit.
“Mango Markets was built to allow users to access loans and investments without needing to use traditional banks or financial institutions,” reads the statement from Mango Markets CEO Mike Sowers. “The hack took place after we had already raised over $1 million USD worth of crypto.”
Mango Markets Down By 52%
The hack has been confirmed by both members of crypto community and exchanges that have listed Mango’s token ($MGO). According to an update from KuCoin, one of these exchanges: “We will suspend deposits/withdrawals/trading for [$MGO] due to a hack on their mainnet.”
The platform has been permanently shut down after hackers stole $100 million worth of its own token, the MAMM token. The hack was reportedly made possible by exploiting the flash loan system on the site, which allowed users to repay their loans in one transaction rather than several smaller ones over time.
Flash loans are a very fast way to borrow money. A user can take out a flash loan by depositing the collateral they want to use as security, such as ETH or tokens, and then get paid back within one block of their request. After this initial repayment, there are no interest payments or fees associated with your loaned funds.