Last Tuesday night, another cryptocurrency project was hacked. In total, the hacker has the equivalent of R$589 million in his pocket, but what he didn’t expect was that his identity would be revealed just one day after his act.
Mango summed up the attack, explaining herself what happened through her social networks. First, the attacker increased the price of MNGO cryptocurrency on several exchanges, causing the price to rise 5-10 times within minutes.
After that, oracles changed the price of the MNGO to US$0.15, an amount almost 4 times higher than the correct amount. Thus, the hacker managed to exploit Mango’s lending protocol, which allowed him to withdraw half a billion reais in various cryptocurrencies, such as Bitcoin (BTC), Solana (SOL), USDC and USDT.
“The net amount extracted by the account was approximately US$100 million (R$526 million) equivalent at the date.”
-The net worth extracted by the account was approximately $100 million equivalent at the time
– At 02:37 UTC on October 12, the instructions of the Mango program were frozen to prevent users from further interacting with the protocol, for example by depositing more funds that may be non-refundable
— Mango (@mangomarkets) October 12, 2022
In the end, the MNGO lost almost 50% of its value. Previously traded at US$0.04, today it can be found at US$0.023 in the market.
“His name is Avraham Eisenberg”
The day after the half-billion reais attack in cryptocurrency, Chris Brunet published an article claiming to know the alleged identity of the hacker. Without tension, the author already points out in the subtitle that the hacker’s name is Avraham Eisenberg.
“I know something CoinDesk and BlockWorks don’t know because, well, I’m on a private Discord server with the alleged hacker, where geeks of all stripes gather to discuss crypto/stock/market trading strategies. Forecast.”
Brunet then points out that last Wednesday (5), a few days after the Mango hack, the hacker bragged because he “studying a platform that might lead to a 9 figure payout” and that “would take about a minute”.
Next, several screenshots show conversations between Avraham Eisenberg and other members of the server. In one, the hacker is considering the possibility of getting a reward from Mango himself for finding a vulnerability, but says this amount will likely be small.
Further on, the hacker explains in detail how the attack would be carried out.
“You open a long position. So let the numbers rise. So you get all the TVL [total value locked] of the protocol.”
Despite some potential pitfalls—such as undocumented limits, hidden sell orders, and oracle freezes—the execution went exactly as Eisenberg’s plans went.
About your identity… Although hackers tend to hide them at all costs, Eisenberg wasn’t too careful about it.
Although your nickname will show up in the chat as “Vires Creditor and Honest Person” – something like Power Creditor and Honest Person – a simple click shows the original account name. Interestingly, she bears his full name, Avraham Eisenberg.
Moving on, another image shows Eisenberg posting his ENS address (ponzishorter.eth) on the same Discord server a few months ago.
Unsurprisingly, that on-chain address — $7.5 million in USDC — is linked to the address used in the Mango hack.
In response to Brunet, Eisenberg averted the matter by stating that he exploits several flaws in such projects, but that he has always warned developers about them.
Source: Live Coins
John Cameron is a journalist at The Nation View specializing in world news and current events, particularly in international politics and diplomacy. With expertise in international relations, he covers a range of topics including conflicts, politics and economic trends.