Home Web3 SecurityCrypto Hacks Directory List of Oracle Manipulation Exploits/Hacks in Crypto
Crypto Hacks DirectoryWeb3 Security

List of Oracle Manipulation Exploits/Hacks in Crypto

by ImmuneBytes
List-of-Oracle-Manipulation-Exploits-Hacks-in-Crypto
Project Date of Exploit Exploit Amt. (USD) Blockchain Type of Exploit Type of Contract Exploited Contract Address Exploit Transaction
ParaLuni 2023-12-23T00:00:00.000Z 336000 BNB Chain Price/Oracle Manipulation, Price/Oracle Manipulation https://bscscan.com/address/0x9db1d695ea7231e5f800701524e712c06c8676b6 https://bscscan.com/tx/0x147b621fbff03b98b57829585ae89e091f8a440f9137b81707493396aa84d0b1
Carol Protocol 2023-12-01T00:00:00.000Z 53000 BNB Chain Smart Contracts Vulnerability, Price/Oracle Manipulation https://basescan.org/address/0x26fe408bbd7a490feb056da8e2d1e007938e5685
dy/dx 2023-11-18T00:00:00.000Z 9000000 Price/Oracle Manipulation, Price/Oracle Manipulation
Harbor Protocol 2023-08-19T00:00:00.000Z 289000 Ethereum Price/Oracle Manipulation, Price/Oracle Manipulation DeFi
Zunami Protocol 2023-08-14T00:00:00.000Z 2000000 Ethereum Price/Oracle Manipulation, Price/Oracle Manipulation Generate Yield https://etherscan.io/address/0xa21a2b59d80dc42d332f778cbb9ea127100e5d75 https://etherscan.io/tx/0x0788ba222970c7c68a738b0e08fb197e669e61f9b226ceec4cab9b85abe8cceb
LeetSwap 2023-08-01T00:00:00.000Z 620000 Smart Contracts Vulnerability, Price/Oracle Manipulation DEX
Rodeo Finance 2023-07-11T00:00:00.000Z 888000 Arbitrum Price/Oracle Manipulation, Price/Oracle Manipulation Generate Yield https://arbiscan.io/address/0xe9544ee39821f72c4fc87a5588522230e340aa54 https://arbiscan.io/tx/0x98f1e234faac8b7f7ceaffe4e8e0581038678d95710b646db45ec3de47e6c3af
Themis Protocol 2023-06-28T00:00:00.000Z 365000 Arbitrum Price/Oracle Manipulation, Price/Oracle Manipulation Lending and Borrowing https://arbiscan.io/address/0x75f805e2fb248462e7817f0230b36e9fae0280fc https://arbiscan.io/tx/0xff368294ccb3cd6e7e263526b5c820b22dea2b2fd8617119ba5c3ab8417403d8
Sturdy Finance 2023-06-12T00:00:00.000Z 775000 Ethereum Price/Oracle Manipulation DeFi https://etherscan.io/address/0x59276455177429ae2af1cc62B77AE31B34EC3890 https://etherscan.io/tx/0xeb87ebc0a18aca7d2a9ffcabf61aa69c9e8d3c6efade9e2303f8857717fb9eb7
ERC20TokenBank 2023-05-31T00:00:00.000Z 112986 Ethereum Price/Oracle Manipulation Tokens https://etherscan.io/tx/0x578a195e05f04b19fd8af6358dc6407aa1add87c3167f053beb990d6b4735f26
EDE Finance 2023-05-29T00:00:00.000Z 658370 Arbitrum Price/Oracle Manipulation DEX https://arbiscan.io/address/0x171c01883460b83144c2098101cd57273b72a054#code https://arbiscan.io/tx/0x3758a4b7338d8c3bd39072221ff3b6b6a59d36f3d885934f1b0081877f35163e
Jimbos Protocol 2023-05-28T00:00:00.000Z 7500000 Arbitrum Flash Loan Attacks, Smart Contracts Vulnerability, Price/Oracle Manipulation DeFi https://arbiscan.io/address/0x271944d9D8CA831F7c0dBCb20C4ee482376d6DE7 https://arbiscan.io/tx/0x44a0f5650a038ab522087c02f734b80e6c748afb207995e757ed67ca037a5eda
WEEB Token 2023-05-10T00:00:00.000Z 30689 Ethereum Flash Loan Attacks, Price/Oracle Manipulation Tokens https://etherscan.io/token/0x9e3d5b091e7728080d9b2e1aaf20ee63db6b65bb https://etherscan.io/tx/0xcb58fb952914896b35d909136b9f719b71fc8bc60b59853459fc2476d4369c3a
Neverfall Protocol 2023-05-04T00:00:00.000Z 75000 BNB Chain Price/Oracle Manipulation, Price/Oracle Manipulation DeFi https://bscscan.com/token/0x5abde8b434133c98c36f4b21476791d95d888bf5 https://bscscan.com/tx/0xccf513fa8a8ed762487a0dcfa54aa65c74285de1bc517bd68dbafa2813e4b7cb
ForTubeFi 2023-04-28T00:00:00.000Z 60000 Ethereum Flash Loan Attacks, Price/Oracle Manipulation DeFi https://etherscan.io/token/0xdb694cb2b58f66c5e79ff272df37ecb46dc31add https://etherscan.io/tx/0x4b4fa751b2cb82ff9aa53406f48e83a44babb7c60d2354e13905efa7a2ddffe7
Ovix Protocol 2023-04-28T00:00:00.000Z 2000000 Polygon Price/Oracle Manipulation, Improper Calculations DeFi https://polygonscan.com/token/0x51195e21bdae8722b29919db56d95ef51faeca6c https://polygonscan.com/tx/0x10f2c28f5d6cd8d7b56210b4d5e0cece27e45a30808cd3d3443c05d4275bb008
XBN Token 2023-04-19T00:00:00.000Z 10000 BNB Chain Flash Loan Attacks, Price/Oracle Manipulation Tokens https://bscscan.com/address/0x0321394309CaD7E0E424650844c3AB3b659315d3 https://bscscan.com/tx/0x3b698ba37f33ac0f822a0de7e097126d71e8216bf59ec9b2e6044df7d4f40296
Allbridge 2023-04-02T00:00:00.000Z 570000 BNB Chain Price/Oracle Manipulation Bridge https://bscscan.com/tx/0x7ff1364c3b3b296b411965339ed956da5d17058f3164425ce800d64f1aef8210
Definix 2023-03-17T00:00:00.000Z 17318 BNB Chain Price/Oracle Manipulation DeFi
DKP Token 2023-03-08T00:00:00.000Z 80000 BNB Chain Flash Loan Attacks, Price/Oracle Manipulation Tokens
TenderFi 2023-03-07T00:00:00.000Z 1590000 Arbitrum Price/Oracle Manipulation DeFi
DAYUDAO Token 2023-02-08T00:00:00.000Z 3300 BNB Chain Price/Oracle Manipulation, Flash Loan Attacks Tokens
BonqDAO 2023-02-02T00:00:00.000Z 120000000 Polygon Price/Oracle Manipulation DAO
BEVO NFT Art Token 2023-01-30T00:00:00.000Z 44000 BNB Chain Flash Loan Attacks, Price/Oracle Manipulation Tokens
Upswing Finance 2023-01-18T00:00:00.000Z 35500 Ethereum Price/Oracle Manipulation DeFi
520 token 2023-01-16T00:00:00.000Z 11561 BNB Chain Price/Oracle Manipulation Tokens
Roe Finance 2023-01-11T00:00:00.000Z 80000 Ethereum Flash Loan Attacks, Price/Oracle Manipulation DeFi
Defrost Finance 2022-12-23T00:00:00.000Z 173000 Avalanche C Chain Smart Contracts Vulnerability, Price/Oracle Manipulation DeFi 0xff152e21c5a511c478ed23d1b89bb9391be6de96
Kashi Medium Risk Chainlink Token 2022-12-17T00:00:00.000Z 50000 Ethereum Price/Oracle Manipulation ERC20 0x4f68e70e3a5308d759961643afcadfc6f74b30f4
FPR ($FPR) 2022-12-15T00:00:00.000Z 30000 BNB Chain Price/Oracle Manipulation DeFi 0xA9c7ec037797DC6E3F9255fFDe422DA6bF96024d
Nimbus Platform 2022-12-14T00:00:00.000Z 76415 BNB Chain Price/Oracle Manipulation DeFi 0x99c486b908434ae4adf567e9990a929854d0c955
Lodestar Finance 2022-12-10T00:00:00.000Z 6500000 Ethereum Smart Contracts Vulnerability, Price/Oracle Manipulation DeFi
TiFi Token 2022-12-10T00:00:00.000Z 25000 BNB Chain Price/Oracle Manipulation Tokens 0x1c5272ce35338c57c6b9ea710a09766a17bbf14b61438940c3072ed49bfec402
Overnight Finance 2022-12-02T00:00:00.000Z 175188.24 Avalanche C Chain Price/Oracle Manipulation DeFi 0xfe2C4cB637830B3f1Cdc626b99f31B1fF4842E2C
APC Token 2022-12-01T00:00:00.000Z 6126 BNB Chain Price/Oracle Manipulation DeFi 0x5a88114f02bffb04a9a13a776f592547b3080237
MBC token 2022-11-30T00:00:00.000Z 5600 BNB Chain Flash Loan Attacks, Price/Oracle Manipulation Tokens, DeFi
Pando 2022-11-06T00:00:00.000Z 20000000 Ethereum Price/Oracle Manipulation DeFi
Bvaults 2022-11-04T00:00:00.000Z 5600 BNB Chain Price/Oracle Manipulation DeFi
USDH (Solend) 2022-11-02T00:00:00.000Z 1260000 Solana Price/Oracle Manipulation DeFi
QuickSwap 2022-10-24T00:00:00.000Z 220000 Polygon Price/Oracle Manipulation DeFi
Health Token 2022-10-20T00:00:00.000Z 4480 BNB Chain Price/Oracle Manipulation DeFi
Moola Market 2022-10-19T00:00:00.000Z 8400000 Celo Price/Oracle Manipulation DeFi
Mango Market 2022-10-11T00:00:00.000Z 112000000 Solana Price/Oracle Manipulation DEX
RES token 2022-10-06T00:00:00.000Z 290671 BNB Chain Price/Oracle Manipulation Tokens
Space Godzilla 2022-07-13T00:00:00.000Z 26000 BNB Chain Flash Loan Attacks, Price/Oracle Manipulation DeFi
Pandora chain DAO 2022-06-22T00:00:00.000Z 128222 BNB Chain Flash Loan Attacks, Price/Oracle Manipulation DeFi
Mirror Protocol 2022-05-28T00:00:00.000Z 2000000 Terra Price/Oracle Manipulation DeFi
Blizz Finance 2022-05-13T00:00:00.000Z 21800000 Avalanche C Chain Price/Oracle Manipulation DeFi
Venus Protocol 2022-05-13T00:00:00.000Z 11000000 BNB Chain Price/Oracle Manipulation DeFi
Fortress Protocol 2022-05-09T00:00:00.000Z 3000000 BNB Chain Price/Oracle Manipulation DeFi
Deus DAO 2022-04-28T00:00:00.000Z 13400000 Fantom Price/Oracle Manipulation, Flash Loan Attacks DAO
Beanstalk Finance 2022-04-17T00:00:00.000Z 182000000 Ethereum Price/Oracle Manipulation DeFi
Elephant Money 2022-04-12T00:00:00.000Z 11200000 BNB Chain Price/Oracle Manipulation DeFi
Inverse Finance 2022-04-02T00:00:00.000Z 15600000 Ethereum Price/Oracle Manipulation DeFi
Cream 2021-10-27T00:00:00.000Z 130000000 Ethereum Flash Loan Attacks, Price/Oracle Manipulation DeFi
Indexed Finance 2021-10-14T00:00:00.000Z 16000000 Ethereum Flash Loan Attacks, Price/Oracle Manipulation DeFi
Vee Finance 2021-09-21T00:00:00.000Z 34000000 Avalanche C Chain Price/Oracle Manipulation DeFi
X-Token 2021-08-29T00:00:00.000Z 4500000 Ethereum Flash Loan Attacks, Price/Oracle Manipulation DeFi
Pancake Bunny 2021-05-19T00:00:00.000Z 7000000 BNB Chain Price/Oracle Manipulation DeFi
Rari Capital 2021-05-08T00:00:00.000Z 10000000 Ethereum Flash Loan Attacks, Price/Oracle Manipulation DeFi
Harvest Finance 2020-10-26T00:00:00.000Z 25000000 Ethereum Flash Loan Attacks, Price/Oracle Manipulation DEX

Oracle price manipulation attacks in crypto involve exploiting vulnerabilities in the way price oracles provide asset price data to decentralized finance (DeFi) protocols. Oracles are essential components in the DeFi ecosystem because they bridge the gap between off-chain data (like asset prices) and on-chain smart contracts. When these oracles are manipulated, attackers can feed incorrect price data to DeFi protocols, leading to significant financial losses.

How Oracle Price Manipulation Attacks Work

  1. Identifying the Oracle Source: Attackers first identify which Oracle a DeFi protocol relies on for its price feeds. These Oracles can be centralized, relying on a single data source, or decentralized, aggregating data from multiple sources.
  2. Manipulating the Price Feed: Once the Oracle source is identified, attackers manipulate the price data that the Oracle provides. This can be done in several ways:
    • Manipulating Market Prices: If the oracle uses data from a specific exchange, the attacker can manipulate the price on that exchange by creating large buy or sell orders, thus skewing the price.
    • Flash Loans: Attackers can use flash loans to borrow large amounts of assets, execute trades that artificially inflate or deflate the asset’s price, and then repay the loan within the same transaction.
  3. Exploiting the Manipulated Price: With the manipulated price data, attackers can:
    • Undercollateralize Loans: Borrow more assets than they should be able to, using the inflated value of their collateral.
    • Execute Arbitrage: Buy assets at artificially low prices on one platform and sell them at higher prices on another.
    • Drain Liquidity Pools: Swap assets in liquidity pools at manipulated prices, leading to significant losses for liquidity providers.

Mitigation Strategies

  1. Decentralized Oracles: Using decentralized oracles like Chainlink, which aggregate data from multiple sources, making it harder for a single entity to manipulate the price.
  2. Price Feeds with Time-Weighted Averages: Implementing time-weighted average prices (TWAP) to smooth out price fluctuations and reduce the impact of short-term manipulation.
  3. Circuit Breakers: Introducing mechanisms that pause trading or borrowing if abnormal price fluctuations are detected.
  4. Oracle Diversification: Using multiple oracles and comparing their data to detect and reject outliers.
  5. Liquidity Pool Monitoring: Continuously monitoring liquidity pools for unusual trading activity and adjusting parameters accordingly.

Oracle price manipulation attacks highlight the importance of robust Oracle design and security measures in the DeFi space to ensure the integrity and reliability of price feeds.

ImmuneBytes

You may also like

List of Crypto Phishing Attacks

List of Re-entrancy Hacks/Exploits in Crypto

List of Compromised Private Key Crypto Hacks

The End of Repetitive KYC? Blockchain Offers a...

How To Hack Smart Contracts? Tips And Tricks

List of Crypto Hacks in the Month of...

Velocore Finance Exploit—June 2, 2024—Detailed Analysis

List of Flash Loan Attacks in Crypto

List of Crypto Hacks Involving Access Control Vulnerability

List of Crypto Hacks in the Month of...