October Already Record Month for Hacks and Exploits

BNB funds still up in the air, Mango Markets hacker leaves on-chain trail


Blockworks exclusive art by axel Rangel


key takeaways

  • Hackers have grossed $718 million so far during October, Chainalysis says
  • At least four known exploits targeted DeFi protocols on Oct. 11 alone

The culprit behind the $112 million siphoned from Mango Markets, a decentralized finance trading platform on the Solana blockchain, may have trouble cashing out.

The attacker manipulated the spot price of the Mango governance token (MNGO) on centralized exchanges, then used the inflated coins as collateral to borrow stablecoins, leaving the protocol with bad debt once the price of MNGO returned to Earth.

The exploiter then proposed to return a fraction of the funds via the platform’s governance system. In a curious twist, the exploiter’s address, it emerged, turned out to be the leading “yes” vote for that proposal.

The ill-gotten stablecoins can be traced on the blockchain from Solana to corresponding USD Coin (USDC) transfers on Ethereum. The funds were then swapped through a decentralized exchange to dai (DAI), which removed the risk of being frozen by USDC issuer Circle.

“Circle is investigating the incident in question and will take appropriate action,” a Circle spokesperson told Blockworks.

The Ethereum wallet that received the stolen funds now holds over $30 million in assets, including the ENS domain ponzishorter.eth. The wallet has a long history of NFT and DeFi-related transactions — unusual for a heist of this magnitude, where perpetrators tend to limit links to any potentially identifying information. That may aid law enforcement or exchange investigators seeking to link the address to a real person.

The incident revealed a weakness in Mango Markets’ price oracle, which FTX CEO Sam Bankman-Fried described as a failure of risk management.

Four DeFi hacks in one day

The Mango Markets hack stood out for the large quantity of funds that was stolen. However, it was just one of four attacks on decentralized finance (DeFi) protocols that took place on Oct. 11. In total, approximately $115 million was stolen.

The second-largest exploit targeted TempleDAO, a yield-farming DeFi protocol, resulting in the loss of 1,831 ether, or $2.34 million at press time. 

Stax, a decentralized application powered by TempleDAO, tracked the address of the actor responsible, and in the meantime, cautioned users against making further deposits into STAX contracts.

In third place, layer-1 blockchain QANplatform suffered a bridge hack during which 1.4 billion QANX tokens, or just over $1 million, were drained from the QANX Bridge on both the Binance Smart Chain (BSC) and Ethereum.

The company stated that only the QANX Bridge smart contract deployer wallet was compromised — and that affected QANX token holders will be compensated.

The last target of Oct. 11 was Ethereum wallet service Rabby, which reported an exploit in its smart contract for its Rabby Swap feature that resulted in an approximately $200,000 loss. It is still reportedly tracking the stolen funds.

These attacks all took place days after the exploit of Binance’s BNB Chain that affected the BSC Token Hub — the native cross-chain bridge between BNB Beacon Chain and BNB Smart Chain. The hacker successfully extracted around $100 million before being shut down.

BNB Chain is assessing next steps to upgrade and remedy the vulnerability.

“BNB Chain is less decentralized than Ethereum now, but more decentralized than many others. It will become more and more decentralized as our tech team continues to make progress,” according to a BNB Chain blog post.

It’s been a rough year

The month of October — which is less than halfway through — has recorded the highest value hacked all year — $718 million across 11 different DeFi protocols so far, according to blockchain analytics unit Chainalysis.

Loading Tweet..

The second-highest month was March, due to the Ronin network’s breach for roughly $625 million, or 173,600 ether and 25.5 million USDC — the largest single hack to date. 

Chainalysis suggests that if this trend continues, 2022 will “likely surpass 2021 as the biggest year for hacking on record.”

Last year recorded over 200 hacks and more than $3 billion in losses. This year has already seen 125 hacks as it approaches the $3 billion threshold.

Cross-chain bridges appear to be a major target for hackers, accounting for 82% of losses this month and 64% of losses all year, according to Chainalysis data.

Youwei Yang, chief economist at bitcoin mining company BIT Mining Limited, told Blockworks that the technology behind cross-chain bridges “has to take some time to develop more thoroughly,” and attributes most problems to “the validators that are not that large of a group nor decentralized enough.”

He added that frequent hacks are “another reason why institutional investors — especially old money — are not fully ready to join the crypto force yet.”

Don’t miss the next big story – join our free daily newsletter.


Upcoming Events

Hilton Metropole | 225 Edgware Rd, London

Mon - Wed, March 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience: Attend expert-led panel discussions and fireside chats Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts.

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Top Icon.png


Osmosis thrived in H2 2023 on the back of increased DeFi activity deriving from recently launched Cosmos-related projects and better market conditions. With new value accrual mechanisms for the native token, Osmosis is well-positioned to continue its strong performance in 2024.



Though the opposing flow trend is likely to slow over time, industry watchers note, bitcoin fund assets could one day eclipse the $90 billion gold ETF space


Celestia had the first mover advantage. EigenDA has staked ether. What sets Avail apart?


Bitcoin moved 1% higher Monday morning in New York, Matrixport analysts say $62,000 could happen next month


It’s hard to believe right now that crypto — even with all of its flexibility and massive capabilities — could ever be like cash on the internet


Michael Saylor announced Monday morning that MicroStrategy bought 3k more bitcoin after the X account was compromised over the weekend


Plus, Pudgy Penguins grows its brand and a group of Autoglyphs sell for $14.5 million