© Reuters
Investing.com – Cryptocurrency hacks are common, with at least $718 million stolen so far in October alone.
Which raised last year’s total balance of $3 billion and put 2022 on track to be a record for total value hacked, according to blockchain specialist Chainalysis Inc.
After the platform promised not to prosecute the hackers or freeze the funds, as more than 100 million dollars were stolen in a theft operation, a hacker got 50 million dollars in the theft of Mango DeFi
In detail, the Mango DAO community on Saturday recovered a portion of about $100 million stolen this week after allowing the hacker to keep about $50 million in funds.
50 million for the thief
The settlement concludes several days of tense negotiations between the hacker and Mango, which are governed by a community of token holders who vote on any changes.
Shortly after the theft, the hacker posted a proposal on the Application Governance Forum demanding that bad debts be cleared on the platform – a deal that was not approved by the majority of Mango token holders even after the hacker voted for it with some of the stolen tokens.
Mango then posted a counteroffer, offering to let the hacker hold about $50 million to return the rest of the money with the promise of no criminal prosecution and erasure of bad debts.
Money back
“We have received a notification of the refund,” Mango’s Maximilian Schneider said in a Discord message. Community members are expected to meet to discuss how to return the $67 million to users, with plans to be voted on next week, according to Mango’s Twitter.
In a series of tweets on Saturday, someone took responsibility for the hack, saying that he “shared a very profitable trading strategy with a team last week” on Mango.
“I believe all of our actions were legal proceedings that are open to the market, using the protocol as designed, even if the development team didn’t fully anticipate all the consequences of setting standards the way they are,” according to the account that claims to be Avraham Eisenberg.
Biggest return in a year
When accessed on Twitter, the user did not immediately provide proof of his identity.. Schneider of Mango noted that the tweet came from the hacker, saying he did not agree that the actions were legal.
The payout will probably be the biggest ever for hackers in over a year.
Earlier, PolyNetwork offered an attacker who drained $610 million from the platform a job and a reward in return for the money, which was eventually compensated.
The rewards can run into the millions – but they are usually given to programmers who point out vulnerabilities, not to hackers who steal money.
Obvious failure
“This is a clear failure of secure governance,” said Michael Leolin, head of solutions engineering at cryptographic security provider OpenZeppelin.
“If an attacker manages to steal enough tokens to vote himself a reward, it sends a signal that DAOs can be successfully hacked using the stolen tokens to avoid repercussions.
what happened?
In the Mango heist, two accounts funded by the US dollar stablecoin took large positions in the Mango perpetual futures contract, causing the price of the Mango token to rise.
The price jump led to an unrealized profit on the futures contract, as the attacker used it to borrow and withdraw about $100 million, leaving depositors with nothing.
According to DeFi Llama, a hacker stole more than 10% of the total value locked onto the blockchain that Mango relies on.
It is unclear how much the hacker would benefit from the hack, as the attacker invested millions in carrying out the attack.
Hacks are common, with at least $718 million stolen so far in October alone, raising last year’s $3 billion total balance and putting 2022 on track to be a record total for the total value hacked, according to blockchain specialist Chainalysis Inc.