In a bizarre twist in the alleged hacking of Solana-based trading platform Mango Markets last week, the alleged hacker has come forward and returned some of the lost funds, claiming that he undertook a legal strategy to manipulate the cryptocurrency trading platform.
A Twitter user by the name of Avraham Eisenberg has claimed responsibility for removing the funds. In a series of tweets, Eisenberg claimed that everything he did was legal because he used the protocol as it was designed, “even if the development team did not fully anticipate all the consequences of setting parameters the way they are.”
Eisenberg was previously claimed to have undertaken a “flash loan” attack that resulted in the loss of about $116 million from Mango Markets. A flash loan attack is a decentralized finance attack where a cybercriminal takes out a flash loan — a noncollateralized loan from a lending protocol — and then manipulates the price of a crypto asset on one exchange to sell it quickly on another.
The claims that a flash loan attack was used to take the funds were disputed initially. Although there are some similar elements, what Eisenberg did is more of a case of traditional market manipulation.
The Block explained Saturday that Eisenberg undertook an allegedly legal strategy that required $10 million to drain the funds from Mango Markets. The trade is said to have worked by manipulating the “price oracle” to inflate the Mango token price threefold, from 30 cents to 91 cents. That boosted the value of Eisenberg’s collateral and allowed him to borrow more funds from the protocol.
Another strange aspect of the story when it broke is that the alleged hacker, now believed to be Eisenberg, told the decentralized autonomous organization behind the token that he would return the cryptocurrency if the community agreed to repay a bad debt from June that was used to save another Solana project called Solend.
The MNGO DAO works on a democratic basis, with all those holding MNGO getting a vote — including Eisenberg. The original proposal was voted down, despite Eisenberg voting in favor of his proposal.
To remedy the situation, I helped negotiate a settlement agreement with the insurance fund with the goal of making all users whole as soon as possible as well as recapitalizing the exchange.
— Avraham Eisenberg (@avi_eisen) October 15, 2022
Instead, Eisenberg then negotiated a new deal in which he would keep $47 million while returning the remainder of the taken funds to recapitalize the exchange. The returned funds comprised $48 million in Solana tokens, $10 million in stablecoin USDC and $90,000 in GoMining tokens.
The funds kept by Eisenberg are now being described as a sort of bug-bounty payment, with the deal also including a promise that no legal action would be taken.
From the moment this case started, there was something very strange about it, and its resolution raises further questions. But seemingly, the DAO has voted for the best way it could find to walk away from the situation while keeping Mango Markets in business.
The case highlights unseen vulnerabilities on trading platforms across all markets and, in this case, the still somewhat emerging DeFi and Web3 markets.