One specific method of hacking decentralized finance (DeFi) protocols is on the rise, according to blockchain data platform Chainalysis. In a new blog post, the market intelligence firm estimates that hackers stole a total of $386.2 million from DeFi protocols in 2022 using a type of attack known as “oracle manipulation.” Oracle manipulation involves hackers artificially inflating the trading volume of a low-liquidity token on a DeFi protocol, which is designed to spike the token’s price. Chainalysis notes that hackers will often use flash loans to secure the initial capital needed to inflate the token’s trading volume, then trade the designated token for a more stable crypto asset after pumping up the price. The firm estimates there were 41 separate oracle manipulation attacks in 2022, and it points to last October’s $100 million exploit of Solana-based (SOL) decentralized crypto exchange Mango Markets (MNGO) as a prime example of what that kind of hack looks like. Avraham Eisenberg, who runs a trading firm and describes himself as a “digital art dealer,” went public the week after the incident, claiming he was the brains behind what he described as a “legal” exploit of Mango. Eisenberg argued he was involved with a trading team that had a highly profitable strategy. The scheme left the decentralized exchange insolvent and users unable to access their funds. Chainalysis outlines how Eisenberg kicked off the attack with $10 million worth of USD Coin (USDC) in two separate accounts at Mango Markets.
Full report : Crypto Hackers Stole $386,200,000 From DeFi Protocols via ‘Oracle Manipulation Attacks’ in 2022.
Price manipulation, Oracle hacks, re-entrancy attacks, flash loans… OODA has been compiling a comprehensive Web3 incident database based on our research to categorize what compromises are taking place as well as document the root causes that plague Cryptos, DeFi, NFTs, and Web3 in general. Tracking root causes provides comprehensive insights into how innovators can create robust cyber risk management approaches and reduce the potential for consequential attacks. You can access the OODA comprehensive Crypto Incident tracker here.