Evening News | Mango suffers an attack with potential losses reaching $100 million; Google partners with Coinbase to launch crypto payment cloud services
STEPN will lay off over 100 people during the bear market; BNB Chain will execute a hard fork this week aimed at restarting cross-chain infrastructure.Organizer: Demian, Chain Catcher
"What important events have occurred in the past 24 hours"
1. Solana's decentralized finance platform Mango was attacked, with potential losses reaching $100 million
Blockchain auditing firm OtterSec tweeted a warning that the Solana ecosystem's decentralized trading and lending platform Mango suffered a potential attack worth $100 million, stemming from the attacker manipulating the value of its collateral. The attacker temporarily inflated the collateral value and then withdrew a large loan from the Mango treasury.
Mango's official Twitter released a detailed report on the attack. It stated that the incident occurred around 6:00 AM Beijing time on October 12, when two accounts funded by USDC held excessively high positions in MNGO-ERP. The underlying price of MNGO/USD on various exchanges (FTX, Ascendex) surged 5-10 times within minutes, leading the Switchboard and Pyth oracles to update their MNGO benchmark price to over $0.15, further causing unrealized profits to increase the market value of accounts long on MNGO-ERP, allowing them to borrow and withdraw BTC (sollet), USDT, SOL, mSOL, and USDC from the Mango protocol, reaching a maximum borrowing limit of $190 million equivalent deposits, with the net value withdrawn by the account at around $100 million. At 10:37 AM on October 12, Mango's program instructions were frozen to prevent any users from further interacting with the protocol. (Source link)
2. Google partners with Coinbase to launch crypto payment cloud services
According to nftgators, Google announced a partnership with Coinbase to launch crypto payment cloud services in early 2023. Coinbase plans to migrate data-related applications from Amazon Cloud to Google Cloud.
ChainCatcher previously reported that Google Cloud is forming a Web3 team to provide services to help developers build Web3 applications. The Web3 infrastructure company Fortress has partnered with Google Cloud to launch an NFT database solution. (nftgators)
3. STEPN begins layoffs in the bear market, cutting over 100 peripheral MODs, ambassadors, etc.
The blockchain game STEPN has started reducing its workforce in the bear market, primarily cutting over 100 peripheral MODs, ambassadors, and others. Additionally, it is shifting focus to promote its parent company Find Satoshi Lab, reducing overall investment in STEPN (some development progress has been significantly delayed), and primarily concentrating on new projects to be launched in the NFT trading market.
Moreover, a large unlock of GMT investors is expected in March next year. (Source link)
4. Bloomberg: SEC is investigating whether some NFTs under Yuga Labs and Ape Coin are in violation
According to Bloomberg, the U.S. Securities and Exchange Commission (SEC) is investigating whether some NFTs under Yuga Labs need to comply with regulations similar to those for stocks, and whether Ape Coin has violated federal laws. (Source link)
5. BNB Chain will execute a hard fork this week to restart cross-chain infrastructure
According to Cointelegraph, BNB Chain (BSC) will execute a hard fork this week to fix a vulnerability that caused a $100 million loss on the platform. According to a post on GitHub on Tuesday, the hard fork, referred to as Moran, will occur at block height 22,107,423, expected to take place at 4 PM Beijing time on October 12. As a temporary emergency patch, this hard fork aims to restart cross-chain infrastructure, with ordinary users not affected, but node operators must stop the operation of actual nodes.
ChainCatcher previously reported that on October 7, the official BNB Chain bridge, Binance Bridge, was hacked, resulting in a loss of approximately $718 million, marking the largest on-chain attack in history. About 9 hours later, Binance announced that the deposit and withdrawal services for BNB Chain had been restored. (Cointelegraph)
6. Web3 search engine neeva.xyz completes $40 million financing, led by Paradigm
According to CNBC, the Web3 search engine neeva.xyz, founded by former Google Ads and Commerce Senior Vice President Sridhar Ramaswamy, has completed $40 million in financing, led by Paradigm, with participation from Coinbase, Sequoia Capital, Greylock, and others.
Since its launch in 2021, neeva.xyz has reportedly gained over 600,000 users in the U.S. Its goal is to allow users to choose their preferred information sources based on personal preferences and relevance, rather than advertisers' suggestions, such as news media, shopping, software engineering sites, travel, etc. (Source link)
7. Justin Sun again denies acquiring Huobi but does not rule out future acquisition possibilities
According to CoinDesk, Justin Sun reiterated in an interview that he denies acquiring Huobi but does not rule out the possibility of acquiring Huobi Global one day, even bringing the trading platform back to mainland China.
Justin Sun expressed optimism about the return of cryptocurrencies to China, stating, "If China allows cryptocurrency trading again, Huobi would definitely be willing to expand its business in China. The company is already operating in Asia and may expand into Europe and South America."
Additionally, Tron stated that neither Justin Sun nor Tron is a buyer in this round of Huobi's share sale. In the future, Justin Sun and Tron will continue to support Huobi's development. Justin Sun has been invited to serve as a member of the newly established Huobi Global Advisory Committee. (CoinDesk)
"What interesting articles are worth reading in the past 24 hours"
1. “Behind the $100 million theft of Mango: A dual attack utilizing flash loans and DAO governance” ”
This morning, the Solana ecosystem DeFi project Mango was stolen approximately $100 million, marking one of the largest security incidents in Solana's history. Similar to most DeFi attack events, this incident was carried out through a flash loan attack, where hackers manipulated oracle prices to nearly exhaust the protocol's liquidity. However, the situation quickly escalated into a more dramatic and complex scenario, as hackers initiated an on-chain proposal on the Mango governance platform, which is considered another governance attack on the project.
Andreessen Horowitz (a16z) has become the king of cryptocurrency with billions of dollars invested in the crypto space, but now the sector is filled with negative news such as price declines and regulatory scrutiny. Dixon has not backed down; he will continue to invest in cryptocurrency startups.
This summer, at a dinner conversation in the 28,000-square-foot mansion of entertainment executive Michael Ovitz in Beverly Hills, Ovitz and venture capitalist Chris Dixon discussed politics, venture capital, and the economy, focusing on a topic Dixon is very familiar with: cryptocurrency.
Hackers have stolen over $2 billion from crypto applications this year. While writing this article, the DAOrayaki decentralized editorial committee witnessed two more hacking incidents: Rabby wallet and the Solana ecosystem decentralized finance platform Mango. As the crypto ecosystem evolves and attracts more malicious actors, the situation will only worsen. Some things must change. It is time to step back, reflect on past mistakes, and change how we handle security in this industry.
