A flaw in a Supra oracle verifier allowed an attacker to drain about $9.05 million from Bonzo Lend, a decentralized lending protocol on the Hedera network, after the system accepted a false price update that made the SAUCE token appear vastly more valuable than it was.
The exploit took place late Friday and centered on a manipulated oracle price for SAUCE, a token in the Hedera ecosystem. According to Bonzo Lend’s incident report, the attacker deposited only 250 SAUCE as collateral, an amount worth just a few dollars under normal market conditions. The attacker then used the faulty oracle update to make the token appear to be worth an amount equivalent to one followed by 30 zeroes.
That incorrect price feed gave the attacker enough artificial collateral value to borrow 6.63 million USDC and 34.5 million wrapped HBAR. Based on an HBAR price of about $0.07, the total amount taken was approximately $9.05 million.
The incident has renewed attention on the risks facing decentralized lending markets that depend on external price feeds. In this case, Bonzo Lend’s lending pools were not compromised by a traditional private-key theft or a direct attack on user deposits. Instead, the core failure came from an oracle verifier that accepted a fake price update as legitimate.
How the exploit worked
Bonzo Lend said the attack began when an unauthorized price update for SAUCE was accepted by the protocol’s oracle system. Oracles are used by lending platforms to determine the value of collateral and borrowed assets. If the oracle price is wrong, the lending market can treat a low-value asset as though it is worth far more than its real market price.
That appears to be exactly what happened.
The attacker first placed 250 SAUCE into Bonzo Lend as collateral. Under normal pricing, that deposit would not have supported any meaningful loan. But once the manipulated price was accepted, the protocol calculated the collateral as being worth an absurdly large amount.
Within seconds, the attacker borrowed millions of dollars’ worth of assets from the protocol. The borrowed funds included USDC, a dollar-pegged stablecoin, and wrapped HBAR, a tokenized version of Hedera’s native asset used in decentralized finance applications.
The speed of the attack showed how quickly a lending protocol can become vulnerable when its pricing layer fails. Lending markets rely on automated calculations. If the price feed says collateral is highly valuable, the protocol may allow borrowing against it immediately, unless additional safeguards are in place.
The verifier flaw
The technical fault was traced to a weakness in the Supra oracle verifier’s signature validation process. According to the details shared after the incident, the verifier accepted a cryptographic signature made entirely of zeros instead of rejecting it.
Cryptographic signatures are supposed to prove that a message, such as a price update, came from an authorized signer. In an oracle system, that mechanism is critical. It prevents unauthorized parties from submitting fake asset prices.
In this case, the system failed at that validation step. Because the all-zero signature was accepted, the attacker was able to submit a false SAUCE price without approval from Supra’s legitimate signers.
Supra later confirmed the issue and deployed a corrective update to its Hedera mainnet contract. The fix was designed to prevent the verifier from accepting invalid signatures of that kind in future oracle updates.
The incident highlights a difficult security problem for decentralized finance protocols. Even if a lending application’s own contracts operate as designed, it can still suffer large losses if a connected infrastructure provider delivers incorrect or unauthorized data.
Bonzo suspends lending activity
Bonzo Lend suspended its lending operations shortly after detecting the exploit. The protocol also paused its points program while the team investigated the attack and assessed the damage.
The project said its vaults, bridge and staking functions were isolated from the exploit. That means the incident was limited to the lending market affected by the false SAUCE price update and did not spread across every part of the platform.
Bonzo also said a separate wallet used the same manipulated oracle price to borrow roughly $1 million. That wallet later contacted the team, identified itself as a white-hat participant and said it would return the funds. Bonzo excluded that amount from its official loss calculation.
The main attacker’s activity, however, caused a loss of about $9.05 million. The stolen assets were quickly moved through several networks, complicating recovery efforts.
Abnormal transfers raised early alarms
Before Bonzo publicly confirmed the breach, an on-chain analyst known as Specter detected unusual transfers moving from Hedera to Ethereum. Those transfers drew attention because they appeared to involve large amounts of newly borrowed assets leaving the Hedera ecosystem soon after the abnormal oracle activity.
Blockchain monitoring showed that the primary attacker rapidly bridged more than $5.25 million of the stolen funds to Ethereum. Moving funds across chains is a common tactic after decentralized finance exploits because it can make tracking and recovery more difficult, especially if the funds later pass through mixers, decentralized exchanges or other liquidity tools.
A valid oracle update restored SAUCE’s correct market price by 9:36 p.m. ET, according to the incident timeline. Bonzo froze lending activity minutes later to prevent further damage.
The restoration of the correct price limited the window of exploitation, but the short-lived manipulation was still enough to drain millions of dollars. That is because automated lending systems can process deposits, valuations and borrowing almost instantly.
Why oracle failures are so damaging
The Bonzo Lend exploit is a clear example of how external data failures can destabilize otherwise functioning lending markets. In decentralized lending, price feeds are not a secondary system. They are part of the core risk engine.
When a trader deposits collateral, the protocol checks the value of that collateral using oracle data. The protocol then decides how much can be borrowed. If the price feed is accurate, the system can enforce loan-to-value limits and liquidation rules. If the feed is wrong, the entire lending model can break down.
A single low-value deposit can become dangerous if the protocol believes it is worth billions, trillions or more. That false value can allow an attacker to borrow real assets from the pool and leave behind collateral that is almost worthless.
This type of attack differs from market manipulation that pushes a token price higher on a thinly traded exchange venue. In the Bonzo case, the reported issue was not simply a distorted market price. It was the acceptance of an unauthorized oracle update caused by a signature validation flaw.
That distinction matters because many protocols design defenses against low-liquidity price swings, but fewer are prepared for a verifier that accepts a fake signed message. If the authentication layer fails, even a well-designed pricing system can deliver bad data to the application.
Wider security pressure on open finance
The Bonzo Lend breach comes during a difficult period for decentralized finance security. Data from Immunefi shows that crypto exploits in the first half of 2026 caused losses of about $972 million across 207 separate incidents.
The second quarter was especially severe. Security trackers recorded roughly $755 million stolen across 83 attacks between April and June, making it the worst quarter on record for stolen digital assets by that measure.
The wave of incidents has added pressure to open finance applications already struggling with lower liquidity. Total value locked across decentralized finance platforms fell sharply during the first half of the year, dropping 39% from about $115 billion in January to roughly $70 billion by June.
That decline reflects several factors, including market conditions, reduced risk appetite among traders and repeated security failures. Each new exploit can cause users to withdraw funds from smaller protocols or avoid newer lending pools until audits, monitoring systems and emergency controls improve.
Infrastructure attacks have been a notable concern this year. Alongside oracle-related failures, the market has seen issues involving bridge systems, key management setups and verification tools. These parts of the ecosystem often sit beneath the user-facing application, but their failure can still lead to direct losses.
Risk controls under review
The Bonzo Lend case is likely to intensify scrutiny of how protocols verify oracle messages and manage unusual collateral valuations. A lending platform that accepts a low-liquidity or low-value token as collateral must have strong controls to prevent sudden, unrealistic borrowing power.
Those controls can include strict collateral caps, conservative loan-to-value ratios, multiple oracle sources, price sanity checks and emergency pause functions. They can also include rules that reject price updates outside expected ranges or require additional verification when a token’s value changes by an extreme amount.
In this incident, the manipulated SAUCE price was overstated by roughly 12 orders of magnitude, according to the details shared by Bonzo. A move that large would be far outside normal market behavior. The fact that the update was accepted shows why protocols increasingly need both cryptographic verification and economic reasonableness checks.
A valid signature system answers one question: whether the message came from an authorized source. A market sanity check answers another: whether the reported price makes sense. When either layer is missing or flawed, the protocol can face serious risk.
Impact on Bonzo and Hedera-based defi
For Bonzo Lend, the attack is a major setback. Lending protocols depend on confidence that collateral will be priced correctly and that borrowed assets cannot be drained through artificial valuations. A $9.05 million loss can damage liquidity, slow user activity and force difficult recovery decisions.
The incident also affects the broader Hedera decentralized finance environment. Hedera has sought to build out its open finance ecosystem, and lending protocols are an important part of that growth. Exploits involving native ecosystem assets, bridges or oracle integrations can make traders more cautious about deploying funds into newer markets.
Still, Bonzo’s quick suspension of lending helped limit further exposure once the issue was identified. The separation of vaults, bridge and staking functions also reduced the chance of the exploit spreading across the full platform.
The return of funds from the white-hat wallet, if completed as stated, would also reduce the broader damage. But that does not change the core loss attributed to the main attacker.
What traders are watching now
Traders are now focused on whether any stolen funds can be frozen, traced or recovered. The movement of more than $5.25 million to Ethereum suggests that the attacker began dispersing assets quickly. Recovery often becomes more difficult as funds move through multiple chains and liquidity venues.
Attention is also on Supra’s corrective update and whether additional reviews will find related weaknesses in other verifier deployments. Oracle providers are critical infrastructure for decentralized finance, and a single validation bug can affect any protocol relying on the compromised component.
For users of smaller lending pools, the incident is another reminder to examine not only the platform itself but also the outside systems it depends on. A lending protocol may use third-party price feeds, bridges, custodial key systems, automation tools and other infrastructure that can become points of failure.
The most immediate lesson from the Bonzo Lend exploit is simple: price feeds must be both authenticated and realistic. If a protocol blindly trusts a fake price update, a tiny collateral deposit can become the starting point for a multimillion-dollar theft.
As decentralized finance becomes more interconnected, the security of each protocol increasingly depends on the security of the services around it. The Bonzo incident shows that a single verifier flaw can travel through that chain of trust and produce losses in seconds.
To understand oracle networks and prevent similar DeFi exploits, explore our detailed guide on oracle network security fundamentals today.
Disclaimer: The content on this page is provided for general informational purposes only and does not represent the views or financial advice of Toobit. We make no guarantees regarding the accuracy or completeness of this information and shall not be held liable for any errors, omissions, or outcomes resulting from its use. Investing in digital assets involves risk; users should independently evaluate their financial situation and the risks involved. For further details, please consult our Terms of Service and Risk Disclosure.

