Mango Markets: Self-funded MNGO spot price pump using two accounts → inflated unrealized collateral → lending pool drain
Summary
Mango Markets, a lending / money market and margin trading protocol on Solana, suffered an exploit on 2022-10-11, resulting in a loss of approximately $115M.
What happened
Mango Markets is Solana's flagship margin trading and lending protocol. The attack exploited the low liquidity and trading volume of the native MNGO token, whose spot price was used to value collateral for borrowing.
Linked factors
- RD-F-001 — causal : ★ Audit scope mismatch — alternate field name [via dashboard_risk_factors/Exploited code in scope?: No — marked "Out of Scope" in rekt.news metadata; the spot price manipulation risk was not caught or addressed]
- RD-F-008 — related : Ignored bug bounty disclosure — adjacent [via cross-hack: Factor 3: Ignored / Dismissed Security Disclosure]
- RD-F-053 — causal : ★ Spot DEX pool oracle without TWAP — root cause [via realtime_signals/Oracle anomaly (Y/N): Y — MNGO spot price pump to $0.91 was extreme and detectable] || ★ Oracle source = spot DEX pool [via cross-hack: Factor 25: Single-Source TWAP Oracle From Low-Liquidity Pool Used as Lending Collateral]
- RD-F-055 — related : Underlying oracle pool depth [via cross-hack: Factor 25: Single-Source TWAP Oracle From Low-Liquidity Pool Used as Lending Collateral]
- RD-F-073 — causal : Oracle-manipulation-proof borrow cap per asset [via cross-hack: Factor 42: Unrealized PnL Accepted as Borrowing Collateral]
- RD-F-099 — illustrative : Oracle price deviation > X% from secondary source — RT signal would have fired [via realtime_signals/Oracle anomaly (Y/N): Y — MNGO spot price pump to $0.91 was extreme and detectable]
- RD-F-177 — causal : Cat 13: Prior known-ignored disclosure [via cross-hack: Factor 3: Ignored / Dismissed Security Disclosure]
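The controls named in RD-F-053, RD-F-073 and RD-F-099 can be sketched as one valuation check. This is an added example, not Mango Markets code: the function names, the 10% deviation threshold, the one-hour window, the $500,000 cap and all sample prices except the $0.91 peak are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Obs:
    t: int        # observation time, seconds
    price: float  # spot price, USD

def twap(obs, window, now):
    """Time-weighted average over [now - window, now]; each price holds until the next."""
    start, total, covered = now - window, 0.0, 0
    ends = obs[1:] + [Obs(now, obs[-1].price)]
    for cur, nxt in zip(obs, ends):
        lo, hi = max(cur.t, start), min(nxt.t, now)
        if hi > lo:
            total += cur.price * (hi - lo)
            covered += hi - lo
    return total / covered

def assess(obs, secondary, units, now, window=3600, max_dev=0.10, cap_usd=500_000):
    """Compare naive spot valuation with a guarded one and raise a deviation alert."""
    spot = obs[-1].price
    tw = twap(obs, window, now)
    dev = abs(spot - secondary) / secondary        # RD-F-099 style signal
    guarded = min(units * min(spot, tw), cap_usd)  # lower of spot/TWAP, then cap
    return {"spot": spot, "twap": tw, "deviation": dev, "alert": dev > max_dev,
            "naive_value": units * spot, "guarded_value": guarded}

# Constructed sample: thin-market price pushed from 0.04 to 0.91 inside ten minutes.
PUMP = [Obs(0, 0.04), Obs(3000, 0.04), Obs(3300, 0.50), Obs(3540, 0.91)]
# Constructed sample: ordinary trading around 0.04.
CALM = [Obs(0, 0.04), Obs(1800, 0.041), Obs(3540, 0.04)]

if __name__ == "__main__":
    for name, series in (("pump", PUMP), ("calm", CALM)):
        print(name, assess(series, secondary=0.04, units=10_000_000, now=3600))
```

On the constructed pump series, spot valuation credits the position at roughly ten times its one-hour TWAP value, and the deviation alert fires well before the peak price is used for borrowing.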