Mango exploiter uses stolen funds to ditch community against developers

  • The hacker of the $100 million exploit of the Mango Markets seems to have voted for their own solution for giving the stolen funds back, using the very governance tokens taken in the attack.

A person asserting responsibility behind the hack told members of the project’s decentralized autonomous organization (DAO) that they would give the major part of the attack back if the community accepts to repay the bad debt that was taken in June performance to safeguard another Solana project known as Solend.

Mango Markets is a decentralized exchange based on Solana. It is managed by a DAO built up of holders of its native token, MNGO. 

The hacker gave about 33 million votes supporting the offer, giving it an acceptance rating of 99.9% as of now. 

The tokens used to vote “yes” were of the same account as the one linked with the exploiter, advising that they were robbed in yesterday’s hack.

But as voting will wrap up on Friday, 67 million more “yes” votes are required to make the decision of the final result. Whether the result has any authority, given the way it has been attained, remains to be witnessed.

The demands of the exploiter are centered on bad debt that consequenced from a bailout achieved by Mango Markets and associate Solana platform Solend in June.  

The package was combined at that time for a whale in the Solend system whose heavy loans frightened to damage or even fall Solana. At a point in the crisis, the whale had borrowed 88% of all accessible USDC on Solend.

About $25 million worth of debt was then shifted across to Mango Markets, reducing the pressure on Solend’s liquidity. 

The proposer’s demands

The proposer now demands Mango to utilize the 70 million USDC in its treasury to pay back this bad debt made in June. 

“If the offer is passed, I will give the MSOL, SOL and MNGO in this account to an address publicized by the Mango team,” they wrote on the Realms page of the project. 

“The Mango treasury will be utilized to cover any left bad debt in the protocol, and all clients without bad debt will be made entire. Any bad debt will be seen as a bug bounty/ insurance, paid out of the mango insurance fund,” the proposal carries on. 

The co-founder of Mango, Dafydd “Daffy” Durairaj, replied to the Realms post, which he verified was written by him, that the team was “operating by tallying the losses and restricting losses from anywhere we can.”

Also, he could not give a solid offer; he said glading the attacker of any crime and making sure they made a good gain were his top targets. These were followed by targeting to make all Mango depositors whole and eventually keeping some funds in the Mango DAO treasury.

Nancy J. Allen
Latest posts by Nancy J. Allen (see all)

Source: https://www.thecoinrepublic.com/2022/10/14/mango-exploiter-uses-stolen-funds-to-ditch-community-against-developers/