Bonzo Lend Loses $9M in Oracle Price Attack

In Crypto Regulations
July 12, 2026

Bonzo Lend Loses $9M in Oracle Price Attack

The DeFi protocol Bonzo Lend, part of the Hedera ecosystem, was attacked, resulting in the theft of approximately $9 million in assets. The incident was caused by the compromise of a third-party price oracle.

According to a preliminary report by the developer company Bonzo Finance, the attacker deposited 250 SAUCE tokens as collateral and then manipulated the oracle to reflect a fake asset price, inflating it by about a trillion times. This allowed them to borrow approximately 6.6 million USDC and 34.5 million wHBAR with almost no collateral.

image
Source: Bonzo Finance.

The team attributed the incident to a flaw in the price verification system of the oracle provider Supra, rather than errors in the protocol’s smart contracts.

Following the discovery of the attack, Bonzo Lend suspended its lending service and rewards program.

The developers stated they are collaborating with partners in the Hedera ecosystem to analyze the incident and prepare a plan to recover the assets.

One of the addresses involved in withdrawing about $1 million during the “window” of the anomalous SAUCE price identified itself as a “white hat hacker” and expressed an intention to return the funds.

Earlier this year, crypto projects lost approximately $972 million in 207 incidents, according to Immunefi.

Avatar photo
/ Published posts: 728

Steven M. Crimmins is a cryptocurrency strategist and freelance writer who has followed the blockchain industry since Bitcoin’s early days. Known for his sharp analysis of altcoins and trading strategies, Steven provides Satoshi News Africa readers with market-focused content grounded in research. He is especially interested in how African traders are adopting crypto as an alternative to traditional markets. Steven is also a podcast host, where he discusses emerging technologies and investment trends.