Hedera Lending Protocol Bonzo Loses $9M in Oracle Exploit
Bonzo Finance suffered a devastating oracle attack, wiping out 77% of its total value locked on the Hedera network.
A major security breach struck Hedera's decentralized lending ecosystem Monday when Bonzo Finance, a prominent lending protocol built on the network, lost approximately $9 million after attackers exploited a vulnerability in its price oracle system, draining the platform of 77% of its total value locked in a matter of hours.
Oracle exploits remain one of the most dangerous attack vectors in decentralized finance. By manipulating the external price feeds that smart contracts rely on to determine asset values, bad actors can borrow far more than collateral is worth or liquidate positions at artificially skewed prices — effectively looting liquidity pools before the system can self-correct. The Bonzo incident follows a well-worn playbook that has cost the broader DeFi sector billions of dollars over several years.
Read more Broadcom Lands $30 Billion Apple Deal, Lifting Non-AI Outlook →
The attack dealt a severe blow to confidence in Hedera's DeFi ecosystem, which has positioned itself as a faster, more energy-efficient alternative to Ethereum-based networks. Bonzo Finance had been one of the more active lending venues on Hedera, and the sudden collapse of nearly four-fifths of its deposited assets raises urgent questions about protocol-level risk management and the robustness of oracle infrastructure across the chain.
The Bonzo team had not, at time of reporting, publicly confirmed whether affected users would be compensated or whether a recovery plan was underway. Security incidents of this scale typically trigger post-mortems, potential pauses of protocol functionality, and coordination with blockchain analytics firms to trace stolen funds — though asset recovery in DeFi exploits remains rare.
Continue reading at CoinDesk.