No one is willing to admit they are the snowflake that triggered the disaster during an avalanche. When users see their assets instantly evaporate from their accounts, they instinctively suspect that the protocol has run away with the funds. But on-chain data tells a different story — recent fund drain incidents of a major lending protocol were not due to management fleeing with the money, but rather a carefully orchestrated oracle manipulation attack.
Here's what happened: hackers used flash loans to artificially create extreme price fluctuations in low-liquidity trading pairs. Because the protocol’s price feed mechanism has update delays (on-chain data sources often lag by 5-30 seconds), the system was deceived within this time window. A token that was originally worthless was manipulated by the hacker to be valued at millions. The hacker then used these "overvalued" tokens as collateral to easily borrow all the ETH and BNB in the protocol. When prices normalized, all that remained was a false set of on-paper figures.
This trick isn’t new — the industry has been discussing oracle risks for three years. So why, in 2025, can such attacks still precisely target top-tier protocols? The core issue lies in the mismatch between existing price feed designs and the actual trading environment. Many projects, in an effort to promote "full decentralization," insist on relying on on-chain price sources as the sole reference, completely ignoring the liquidity fragility of these sources. In an era of fragmented liquidity, it’s like installing an easily contaminated periscope on a submarine — every signal the operator sees could be fake, ultimately leading to an unintentional collision with the abyss.
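As an added illustration (not from the original post or any protocol's code), the following Python simulation shows the problem described above from the defender's side: how far a single swap moves the spot price of a thin x*y=k pool (the reading a naive on-chain spot oracle returns), why a short time-weighted average alone does not neutralise a one-block spike of that size, and how a hybrid feed that takes the median of independent sources and enforces a deviation circuit breaker refuses the manipulated quote instead of lending against it. Pool reserves, quote values, source names and the LTV are all constructed for the example; `hybrid_price` is a hypothetical check written for this page, not Pyth's or Chainlink's logic.

```python
"""Constructed example, added to this page and not part of the original post or
any protocol's code: how a single on-chain spot source can be pushed within one
block, why a short TWAP alone does not save a thin pool, and how a hybrid feed
(median of independent sources plus a deviation circuit breaker) refuses the
manipulated quote. All reserves, prices and source names below are invented.
"""
from dataclasses import dataclass
from statistics import median


@dataclass
class ConstantProductPool:
    """Minimal x*y=k pool: 'token' is the thin collateral asset, 'eth' the quote asset."""
    reserve_token: float
    reserve_eth: float

    def spot_price(self) -> float:
        """Price of one token in ETH, exactly what a naive spot oracle reads."""
        return self.reserve_eth / self.reserve_token

    def swap_eth_for_token(self, eth_in: float) -> float:
        """Buy tokens with eth_in ETH; returns tokens received and moves the spot price up."""
        k = self.reserve_token * self.reserve_eth
        new_eth = self.reserve_eth + eth_in
        new_token = k / new_eth
        tokens_out = self.reserve_token - new_token
        self.reserve_token, self.reserve_eth = new_token, new_eth
        return tokens_out


def spot_inflation(reserve_token: float, reserve_eth: float, eth_in: float) -> float:
    """Factor by which one swap of eth_in moves the pool's spot price.
    For x*y=k this equals ((reserve_eth + eth_in) / reserve_eth) ** 2, so the
    thinner the quote side of the pool, the less it costs to move the reading."""
    pool = ConstantProductPool(reserve_token, reserve_eth)
    before = pool.spot_price()
    pool.swap_eth_for_token(eth_in)
    return pool.spot_price() / before


def twap(observations: list[tuple[float, float]]) -> float:
    """Time-weighted average price over (duration_seconds, price) observations."""
    total = sum(d for d, _ in observations)
    return sum(d * p for d, p in observations) / total


def hybrid_price(sources: dict[str, float], last_accepted: float,
                 max_source_spread: float = 0.02,
                 max_move: float = 0.10) -> tuple[bool, float, str]:
    """Hypothetical hybrid feed: take the median across independent sources, then
    apply two guards. Returns (accepted, price, reason); when not accepted the
    caller keeps the last sane price and should pause new borrows against the asset."""
    med = median(sources.values())
    # Guard 1: any source far from the median marks the update as inconsistent.
    for name, p in sources.items():
        if abs(p - med) / med > max_source_spread:
            return False, last_accepted, f"source {name} deviates from median"
    # Guard 2: circuit breaker on the step between consecutive accepted prices.
    if abs(med - last_accepted) / last_accepted > max_move:
        return False, last_accepted, "median moved more than allowed per update"
    return True, med, "ok"


def max_borrow_eth(collateral_tokens: float, price_eth: float, ltv: float) -> float:
    """ETH a lender would release against the collateral at the given price and LTV."""
    return collateral_tokens * price_eth * ltv


if __name__ == "__main__":
    # Constructed thin pool: 1,000,000 tokens against 10 ETH, i.e. 1e-5 ETH per token.
    fair = 1e-5
    factor = spot_inflation(1_000_000, 10, eth_in=1_000)
    print(f"spot price inflated by {factor:,.0f}x after one 1,000 ETH swap")
    # A 31-block TWAP with a single manipulated block still reads ~330x fair value.
    print(f"31-block TWAP: {twap([(30, fair), (1, fair * factor)]) / fair:,.0f}x fair")
    # Hybrid feed: the manipulated pool disagrees with the other sources, so the
    # update is refused and the lender keeps using the last accepted price.
    quotes = {"thin_pool_spot": fair * factor, "aggregator_a": fair, "aggregator_b": fair * 1.01}
    accepted, price, why = hybrid_price(quotes, last_accepted=fair)
    print(f"hybrid feed accepted={accepted} price={price:.2e} ({why})")
    print(f"borrowable against 100k tokens at 75% LTV: naive spot "
          f"{max_borrow_eth(100_000, fair * factor, 0.75):,.1f} ETH vs "
          f"hybrid {max_borrow_eth(100_000, price, 0.75):.3f} ETH")
```

The two numbers worth noticing are the TWAP and the borrow capacity: a one-block spike large enough still leaves a 31-block average hundreds of times above fair value, so averaging is not a substitute for cross-checking the on-chain reading against sources that the same pool cannot move; and at a naive spot price the lender would release thousands of ETH against collateral worth under one ETH.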
GasFeeCryBaby
· 10h ago
It's the oracle's fault again, but the real ones to blame are these self-righteous decentralized protocols, right?
---
Three years without fixing this bug, is it due to poor technology or just no intention to fix it?
---
Flash loans + price feed delay, this combo move is too perfect, no wonder hackers laugh their heads off.
---
Basically, it's just liquidity that's too bad; a little wind or grass movement can manipulate the price. Serves them right.
---
The submarine periscope analogy is hilarious, but I still lost 300 bucks from my wallet.
---
The hype of fully decentralized is really harmful; wouldn't it be better to have some centralized oracle insurance?
---
Just want to ask how many top protocols are still using this manipulatable price feed scheme? I need to shift my positions.
---
Tsk, watching the account evaporate, I really thought I was running away, but it turns out I was precisely sniped.
StableBoi
· 12h ago
Oracles are truly incredible. Under the guise of decentralization, they created the most centralized vulnerability... A 5-30 second delay can wipe out the entire protocol. Where is the promised security?
BrokeBeans
· 12h ago
It's the oracle's fault again and again... I already said that the 5-30 second delay would eventually cause problems, why does no one listen?
I've been hit hard by flash loans several times, seeing this kind of trickery just makes me numb.
So is decentralized price sourcing really reliable? It feels like self-deception.
Knowing the risks three years ago and still crashing in 2025, how can that be justified...
The analogy of the periscope being polluted is brilliant. Entering this kind of protocol now is really just gambling on luck.
Collateralizing fake coins to borrow real money—how absurd is that?
I was wondering why so many top projects can still be hacked; turns out the root cause is right here.
In an era of fragmented liquidity, who dares to trust on-chain price feeds?
Losing another batch, yet it feels like no one has learned their lesson.
MelonField
· 12h ago
It's the same old oracle tricks again. How are people still rushing headfirst into danger?
Fully decentralized sounds impressive, but in reality, it just paves the way for hackers.
Flash loans really need regulation; they're basically a cheat’s paradise.
It's all because liquidity is too fragmented—just a 5-second delay is enough for hackers to strike.
Watching others' money vanish in an instant makes me wonder who the next victim will be.
This is just the "barrel effect" in the financial system—the weakest point becomes the breakthrough.
Under the guise of decentralization, it's all centralized risks—so ironic.
I've been saying for a long time that on-chain price sources are unreliable, yet some still insist on pushing through.
System vulnerabilities designed by big players, ultimately, retail investors foot the bill.
How many projects will just lie flat and pretend to be dead this time?
GateUser-ccc36bc5
· 12h ago
It's the oracle at work again... These teams really can't learn.
A flash loan plus a 5-second delay can drain the treasury. Frankly, it's because they want to maintain the illusion of decentralization and refuse to use hybrid price feeds.
They should have adopted Pyth or Chainlink's multi-source solutions long ago. Instead, they insist on betting that liquidity won't suddenly fluctuate... and they lost the bet.
BearMarketLightning
· 12h ago
The bug in the oracle has been there for three years and still not fixed? Can't help but laugh. Those projects that tout decentralization have now become hackers' self-service withdrawal machines.
Flash loans are indeed incredible, able to drain a protocol in 5-30 seconds. Where's the promised on-chain data that would speak? Turns out it's all lies.
That's why I never put my coins into these so-called "top" protocols; they all feel like paper tigers.
So, can we still borrow and lend now? I'm really a bit scared.
Tokens worth nothing suddenly valued at hundreds of millions; hackers' operations are truly artistic. We retail investors are just the harvesters.