Hedera Lending Protocol Bonzo Loses 77% After $9M Oracle Exploit
Bonzo Finance suffered a devastating $9 million oracle exploit on Hedera, wiping out nearly four-fifths of its total value locked.
A major security breach struck Bonzo Finance, a lending protocol built on the Hedera network, after attackers exploited a vulnerability in its oracle system to drain roughly $9 million — collapsing the platform's total value locked by 77%, according to CoinDesk reporting. The incident ranks among the most damaging decentralized finance exploits to hit the Hedera ecosystem to date.
Oracle exploits have become a recurring weapon in the DeFi attacker's arsenal. By manipulating the price feeds that lending protocols rely on to assess collateral values, bad actors can borrow far more than their deposited assets are worth or liquidate positions at artificial prices — effectively siphoning funds from liquidity pools. The Bonzo attack appears to fit that well-documented pattern.
Read more Pelosi and Trump Share Stakes in the Same 10 Stocks →
The loss of nearly four-fifths of locked value in a single event signals severe structural risk for Bonzo users who had deposited assets into the protocol. Recovery prospects for affected depositors remain uncertain, a familiar and painful outcome in on-chain exploits where funds are rarely fully recovered once moved through obfuscation layers.
The episode adds fresh pressure on Hedera-based DeFi projects to harden their price-feed infrastructure, whether through decentralized oracle networks, circuit breakers, or multi-source data aggregation. For the broader DeFi sector, it reinforces the argument that oracle security deserves the same rigorous attention as smart-contract auditing. Regulators and institutional participants watching the space will likely cite this incident as evidence that on-chain lending still carries substantial operational risk.
Continue reading at CoinDesk.