A new report from BINANCE Research says exploits related to oracle networks have caused nearly a billion dollars worth of losses over the past three years.
Oracles connect blockchains to external data allowing smart contracts to execute tasks based on real-world events or conditions.
Decentralized finance (DeFi) protocols use oracles to fetch the market price of assets, which can determine whether or not a platform should facilitate a certain transaction.
However, Binance Research says real-world data across different sources vary, which presents reliability concerns and makes systems relying on oracles vulnerable to manipulation.
Binance Research,
“Malicious actors can exploit this weakness to skew price feeds and swiftly drain a platform’s funds. Prominent instances of such exploits include last year’s Mango Markets breach and the more recent attack on EraLend in July this year.”
The report says an estimated $892 million have been exploited due to oracle-related manipulations since 2020.
“In many instances, actors drive up the prices of low-liquidity tokens on targeted protocols before swapping their artificially inflated tokens to other tokens, or using them as collateral to take up loans in lending markets.”
According to the report, the total value hacked in oracle-related exploits jumped from $65 million in 2020 to $399.1 million in 2021. The amount of losses peaked at $403.2 million in 2022 before dropping to $25.4 million in 2023.
Binance Research also says two factors drive the decline in oracle-related exploits this year.
“The amount lost due to oracle-related exploits has decreased significantly in 2023, likely caused by a combination of increased focus on security and a broad decline in DeFi TVL (total value locked).”
