CoinSnacks
Posts
Mango Hacker Reveals Himself

Mango Hacker Reveals Himself

In his reveal thread, Eisenberg claims that the drainage of Mango was not an illegal exploit but a fully legal “highly profitable trading strategy.”

CoinSnacks
October 19, 2022 • Estimated Reading Time: 3 minutes

Last week, we ran a story on the $112 million Mango Markets exploit, the 13th largest hack of all time.

Now, there is new info that warrants a follow-up.

Statement on recent events:
I was involved with a team that operated a highly profitable trading strategy last week.
— Avraham Eisenberg (@avi_eisen)
4:48 PM • Oct 15, 2022

A Highly Profitable Trading “Strategy”

In most crypto hacks and exploits, the identity of the exploiter(s) is never revealed.

This time, not only was the exploiter’s identity revealed, but he unmasked himself.

The hacker is self-described digital arts dealer Avraham Eisenberg. In his reveal thread, Eisenberg claims that the drainage of Mango was not an illegal exploit but a fully legal “highly profitable trading strategy.”

We can’t say he’s wrong in saying his actions were highly profitable, but was it legal?

It’s a tricky question, but the answer is probably yes.

As we covered last week, the attack was an act of market manipulation, not a computer hack. Eisenberg believes this clears him of any wrongdoing because he didn’t do anything that the protocol didn’t already allow.

But that’s not where his real protection comes from…

His real saving grace is that, at worst, he committed securities fraud, not computer fraud.

1/ IMO settling with the Mango exploiter was the correct move. It's very unlikely the exploiter would have been criminally prosecuted, even if they were doxxed.
To understand why, it's important to distinguish "computer fraud" from "securities fraud".
— Doug Colkitt (@0xdoug)
5:25 AM • Oct 14, 2022

Securities fraud is notoriously difficult to prosecute. Even though the SEC could bring a civil case against Eisenberg, they would have to prove that Mango was a security. As we have seen with the Ripple lawsuit, that is not the easiest task.

Connect the dots, and the likely conclusion for Eisenberg is a mountain of cash and some bad karma (although he did recently return $67 million of the loot to make users whole).

Mango Markets confirmed on Saturday that $67M in crypto has been returned — and a vote will now take place on "how we can sort out this mess" 👀
— CoinMarketCap (@CoinMarketCap)
4:51 PM • Oct 17, 2022

A Gray Area

Regardless of its legality, people obviously aren’t too pleased with Eisenberg and his highly-profitable trading strategy. They argue that actions like Eisenberg’s are classless and represent the worst of crypto.

But do they really?

Would it have been better for Eisenberg to alert the Mango team of its vulnerability instead of taking advantage of it? Yes. But at the same time, the team was already warned of an attack like this back in March. Who’s to say that they would have listened this time?

Although it’s done brutally, actions like Eisenberg’s do serve to strengthen crypto in the long run. Nobody wants to get drained by an exploit, and you can bet that other projects are ensuring they can’t be attacked similarly to Mango. Eisenberg himself is suggesting ways to make lending protocols more robust.

Attacks like these might just be a “get hurt now to shine later” situation.

If that is true, then perhaps crypto will fondly look back on this record-breaking year of exploits.