Bonzo Lend loses $9M in oracle exploit on Hedera
CoinTelegraph

Bonzo Lend loses $9M in oracle exploit on Hedera

Bonzo Lend loses $9M in oracle exploit on Hedera

An attacker inflated the value of SAUCE collateral and borrowed $9 million from Bonzo Lend through a flaw in Supra’s on-chain oracle verifier.

Estimated economic impact of the incident. Source: Bonzo Finance

The incident adds to a growing number of exploits targeting decentralized finance (DeFi) protocols in 2026. The second quarter had become the most-hacked quarter on record by incident count, with 83 exploits and about $755 million stolen.

Cross-chain bridge exploits accounted for $351 million, while compromised administrator attacks and fake token price manipulation represented 37% of quarterly losses.

In 2026, DeFi’s total value locked (TVL) had fallen 39% to over $70 billion in June from about $115 billion in January. CryptoRank recorded 121 hacks and roughly $942 million in losses over the period, saying repeated security incidents likely weighed on user confidence and reinforced capital outflows.

Related: β€˜All DeFi unsafe’ claim sparks AI security debate after April hack surge

The Bonzo incident also follows a similar collateral-pricing exploit on Stellar. In February, attackers drained roughly $10 million from a YieldBlox DAO-managed lending pool after manipulating the price path used to value USTRY collateral, allowing them to borrow assets beyond the token’s real worth.

Magazine: Will the crypto lobby's $189M campaign get CLARITY over the line?

Comments

No comments yet. Start the discussion.