Home/News/Bonzo Lend Loses $9M in Hedera Oracle Exploit
CoinTelegraph2 min read

By Interestana AI Editorial — AI-drafted, human-overseen. How we report

Bonzo Lend Loses $9M in Hedera Oracle Exploit

Bonzo Lend Loses $9M in Hedera Oracle Exploit

Bonzo Lend, a decentralized lending protocol operating on the Hedera network, experienced a significant exploit resulting in a loss of approximately $9 million. The attack, which occurred on May 15, 2024, targeted a vulnerability within Supra's on-chain oracle verifier. The attacker manipulated the system by inflating the value of SAUCE collateral, which is used within the Bonzo Lend protocol. This inflated collateral was then used to borrow $9 million from Bonzo Lend's liquidity pools.

The exploit highlights a critical security weakness in how collateral values are verified by oracles, which are essential for the functioning of decentralized finance (DeFi) protocols. Oracles provide external data, such as asset prices, to smart contracts. In this instance, the compromised oracle verifier provided an inaccurate valuation of the SAUCE token, enabling the attacker to leverage it for an outsized loan. Bonzo Lend has acknowledged the incident and is reportedly investigating the full extent of the breach and its impact on users.

Supra, the provider of the oracle service, has not yet released a detailed statement regarding the specific flaw in their verifier. However, such exploits underscore the ongoing challenges in securing DeFi infrastructure against sophisticated attacks. The DeFi space continues to grapple with vulnerabilities in smart contracts, oracle manipulation, and other security risks, leading to substantial financial losses for protocols and their users. The incident serves as a stark reminder of the need for robust security audits and continuous monitoring of oracle feeds within the blockchain ecosystem.

Original source — read the full reporting at the publisher:

Read on CoinTelegraph

Get the weekly AI digest

AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.

Read next