markets

Bonzo Lend Loses $9M in Oracle Exploit on Hedera Network

Summarized from Cointelegraph

An attacker manipulated SAUCE collateral values via a Supra oracle flaw, draining $9M from Bonzo Lend on Hedera.

A hacker drained $9 million from Bonzo Lend, a decentralized lending protocol on the Hedera network, by exploiting a vulnerability in Supra's on-chain oracle verifier, according to reporting by Cointelegraph. The attack allowed the perpetrator to artificially inflate the value of SAUCE tokens used as collateral, then borrow against that inflated valuation to extract funds from the protocol.

Oracle exploits have become one of the most persistent attack vectors in decentralized finance, as protocols that rely on external price feeds are only as secure as the systems supplying that data. In this case, the flaw resided specifically in Supra's on-chain verifier — the component responsible for validating price data before it is consumed by lending logic — giving the attacker a direct mechanism to manipulate what Bonzo Lend believed collateral was worth.

Read more Pelosi and Trump Share Stakes in the Same 10 Stocks →

The incident underscores a structural risk across DeFi lending markets: when collateral valuations can be manipulated, borrowing limits become meaningless and protocol treasuries are exposed. Bonzo Lend operates on Hedera, a distributed ledger network that positions itself as a more enterprise-grade alternative to Ethereum, making the breach notable for a chain that emphasizes performance and security.

The scale of the loss — $9 million — places this exploit among the more significant DeFi incidents of recent months, though it remains smaller than the nine-figure hacks that have periodically rocked the sector. Investigators and the affected teams have not yet publicly confirmed whether any funds have been frozen or whether the attacker has been identified.

Continue reading at Cointelegraph.

Frequently Asked Questions

Q.How did the Bonzo Lend exploit work?

The attacker used a flaw in Supra's on-chain oracle verifier to artificially inflate the value of SAUCE tokens held as collateral, then borrowed $9 million against that manipulated valuation.

Q.What is Supra's role in the Bonzo Lend hack?

Supra provides the on-chain oracle that Bonzo Lend relies on for price data; the exploit targeted a vulnerability in Supra's verifier, which is the component that validates price feeds before they are used by the protocol.

Q.Which blockchain network was Bonzo Lend running on when it was hacked?

Bonzo Lend operates on the Hedera network, a distributed ledger platform that markets itself as an enterprise-grade alternative to Ethereum.

More in markets →