Decentralized finance protocol Bonzo is reeling after a security failure resulted in the loss of over $9 million. The breach, which originated from a vulnerability in the Supra oracle service, triggered a mass exodus of capital from the platform.
Reports confirm that the exploit allowed malicious actors to manipulate price data, effectively draining 77% of the total value locked within the lending pool. The incident has sent shockwaves through the Hedera ecosystem, raising fresh concerns about the safety of oracle integrations.
Security analysts pointed to a verification flaw that left the protocol’s internal valuation logic exposed. By feeding the protocol inaccurate market data, the attacker was able to siphon funds before automated safety measures could intervene.
As Bonzo developers work to assess the long-term impact on liquidity, users remain on high alert. The event highlights the inherent risks of relying on external data sources for high-stakes decentralized lending operations.