Stories are rising this morning of an assault on the TempleDAO yield farming protocol. The alert got here in from blockchain safety agency PeckShield on Oct. 11, stating that the attacker had transferred 1,831 ETH price round $2.34 million from the protocol.
Particulars are skinny on the bottom in the meanwhile, however the exploit seems to have concerned STAX and FRAX, which had been a part of its staking vaults. The liquidity supplier sensible contract for STAX was exploited, leading to losses, in accordance with Paladin Blockchain Safety.
#PeckShieldAlert Looks as if @templedao acquired exploited. The exploiter funded from SimpleSwap and already transferred 1,831 $ETH (~$2.34M) to a brand new handle 0x2B63d…B5A0 @peckshield https://t.co/bOyOARyyxY pic.twitter.com/SVEm8o95U6
— PeckShieldAlert (@PeckShieldAlert) October 11, 2022
Mango Markets Mauled
The lack of $2.three million was dwarfed by the quantity pilfered from the Solana-based Mango Markets DeFi derivatives platform a number of hours later.
On Oct. 12, Mango Markets reported that it had suffered an exploit attributable to an attacker manipulating an oracle worth and draining liquidity. As a lot as $100 million seems to have been pilfered within the hack.
What really occurred was a self-funded financial assault with the exploiter loading up an account with $5.5 million USDC. They then used this to take out a perpetual futures contract for the MNGO token and traded towards it. This manipulated the worth of MNGO upwards, permitting the attacker to take out Mango treasury loans and drain the liquidity earlier than it crashed.
Blockchain safety agency OtterSec was one of many first to report and clarify the exploit, which didn’t contain flash loans.
We’re persevering with to analyze the current Mango Markets hack.
Let’s clear up some misinformation. 🧵 pic.twitter.com/hCtTwz1l5c
— OtterSec (@osec_io) October 12, 2022
The attacker has since opened a Mango DAO governance proposal that each one dangerous money owed be paid from the $70 million treasury for a return of the stolen tokens and a bounty for the perpetrator.
MNGO token costs have dumped round 50% for the reason that assault, and there may be little liquidity left within the protocol to settle excellent by-product contracts.
The third assault to happen over the previous day was a bridge exploit on the QANplatform. As reported by CryptoPotato on Oct. 11, round $1 million was stolen from the quantum-resistant layer-1 blockchain inflicting its QANX token worth to break down.
Nearly half of the protocol’s token provide of three.three billion was stolen on this newest bridge assault.
The three exploits come lower than per week after BNB Chain was drained for as a lot as $500 million forcing the corporate to freeze the community.