{"id":455,"date":"2023-01-31T14:48:47","date_gmt":"2023-01-31T12:48:47","guid":{"rendered":"https:\/\/ackeeblockchain.com\/blog\/?p=455"},"modified":"2023-01-31T14:48:47","modified_gmt":"2023-01-31T12:48:47","slug":"2022-solana-hacks-explained-solend","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/","title":{"rendered":"2022 Solana Hacks Explained: Solend"},"content":{"rendered":"<p><span style=\"font-weight: 400;\"><a href=\"https:\/\/solend.fi\/\"><strong>Solend<\/strong><\/a> is a <strong>decentralized lending and borrowing protocol<\/strong> on Solana. On November 2, 2022, an attacker <strong>drained<\/strong> assets from Solend&#8217;s Stable, Coin98, and Kamino isolated pools resulting in <strong>$1.26M<\/strong> of bad debt.<\/span><\/p>\n<p><b>Exploit Details\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Based on the <a href=\"https:\/\/blog.solend.fi\/usdh-price-manipulation-impact-on-isolated-pools-4f79ff6af2ba\">report<\/a> from Solend&#8217;s team, the attacker <strong>previously attempted to exploit<\/strong> the platform on October 28, when he <strong>pumped up<\/strong> the price of USDH token on <a href=\"https:\/\/docs.saber.so\/\">Saber<\/a> <strong>by spending 200k<\/strong> USDC. However, the pumped <strong>price got arbitraged<\/strong> in the same slot and reversed back to $1. The oracles could, therefore, never report the increased price. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">So, the attacker leant from his mistakes. On November 2, the he performed <strong>the same attack with minor differences.<\/strong> First, he <strong>spent 100k USDC to pump<\/strong> USDH price on Saber, and then he <strong>started spamming<\/strong> the Saber account so that <strong>no arbitrage could occur<\/strong> in the same slot as during the first attempt. The attacker then <strong>arbitraged himself<\/strong> in the next slot.<\/span><\/p>\n<p><span style=\"font-weight: 400;\"> This time the Switchboard <strong>oracle picked up the high price.<\/strong> By repeating the same procedure, the attacker was able to <strong>pump<\/strong> up the price of USDH, and by depositing, he <strong>borrowed<\/strong> assets worth <strong>$1.26M<\/strong>, effectively <strong>draining all pools<\/strong>. It was a sophisticated exploit as the attacker <strong>prevented the arbitrages<\/strong> in the same slot by <strong>write-locking<\/strong> the Saber account and <strong>predicting<\/strong> when the <strong>oracle<\/strong> would <strong>update the price<\/strong>. Solend&#8217;s vulnerability in this exploit was that it was <strong>looking for price<\/strong> updates only <strong>using the Switchboard oracle<\/strong> from Saber pool, making <strong>the price<\/strong> feed <strong>prone to manipulation.<\/strong><\/span><\/p>\n<p><span style=\"font-weight: 400;\">Later on, the Solend&#8217;s DAO proposals <a href=\"https:\/\/govern.solend.fi\/dao\/SLND\/proposal\/8vQbMBnKUyJYvDX4uKrx9gPspvweT42y4i1ecQMNj9G3\">SLND6<\/a> and <a href=\"https:\/\/govern.solend.fi\/dao\/SLND\/proposal\/9tbQB7XEqJeoCoGhV6zPUWftXqfRTa7H8MapYHEQtpQu\">SLND5<\/a> passed, <strong>making users whole<\/strong> from all the bad debts.<\/span><\/p>\n<p><b>In simple words, <\/b><span style=\"font-weight: 400;\">it was a combination of a <strong>hack<\/strong> and a <strong>market manipulation<\/strong>: the hacker <strong>pumped<\/strong> the tokens price and <strong>spammed the oracle<\/strong> to make sure it picks the price which would be the most profitable for him. One can say that is was a more sophisticated version of the <a title=\"2022 Solana Hacks Explained: Mango Markets\" href=\"https:\/\/ackeeblockchain.com\/blog\/2022-solana-hacks-explained-mango-markets\/\">Mango Markets exploit<\/a> which didn&#8217;t involve any hacking.\u00a0<\/span><\/p>\n<p><strong>Reference<\/strong><\/p>\n<p><a href=\"https:\/\/blog.solend.fi\/usdh-price-manipulation-impact-on-isolated-pools-4f79ff6af2ba\"><strong>1<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend&#8217;s Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details\u00a0 Based on the report from Solend&#8217;s team, the attacker previously attempted to exploit the platform on October 28, when he pumped up the price of USDH token on&hellip;<\/p>\n","protected":false},"author":15,"featured_media":456,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[85,84,5],"tags":[14,86,6,19],"class_list":["post-455","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-exploits","category-hacks","category-solana","tag-exploit","tag-hack","tag-solana","tag-solana-security"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.9 - aioseo.com -->\n\t<meta name=\"description\" content=\"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend&#039;s Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend&#039;s team, the attacker previously attempted to exploit the platform on October 28, when he pumped\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"Aleksandra Yudina\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.9\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Ackee Blockchain - Blog &amp; Research\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"2022 Solana Hacks Explained: Solend - Ackee Blockchain\" \/>\n\t\t<meta property=\"og:description\" content=\"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend&#039;s Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend&#039;s team, the attacker previously attempted to exploit the platform on October 28, when he pumped\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2023-01-31T12:48:47+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2023-01-31T12:48:47+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary\" \/>\n\t\t<meta name=\"twitter:title\" content=\"2022 Solana Hacks Explained: Solend - Ackee Blockchain\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend&#039;s Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend&#039;s team, the attacker previously attempted to exploit the platform on October 28, when he pumped\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#blogposting\",\"name\":\"2022 Solana Hacks Explained: Solend - Ackee Blockchain\",\"headline\":\"2022 Solana Hacks Explained: Solend\",\"author\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/aleksandra-yudina\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/Solden-1.png\",\"width\":1972,\"height\":1360},\"datePublished\":\"2023-01-31T14:48:47+02:00\",\"dateModified\":\"2023-01-31T14:48:47+02:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#webpage\"},\"articleSection\":\"Exploits, Hacks, Solana, exploit, Hack, Solana, Solana security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/ackee.xyz\\\/blog\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/#listItem\",\"name\":\"Hacks\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/#listItem\",\"position\":2,\"name\":\"Hacks\",\"item\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/exploits\\\/#listItem\",\"name\":\"Exploits\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/exploits\\\/#listItem\",\"position\":3,\"name\":\"Exploits\",\"item\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/exploits\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#listItem\",\"name\":\"2022 Solana Hacks Explained: Solend\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/#listItem\",\"name\":\"Hacks\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#listItem\",\"position\":4,\"name\":\"2022 Solana Hacks Explained: Solend\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/hacks\\\/exploits\\\/#listItem\",\"name\":\"Exploits\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#organization\",\"name\":\"Ackee Blockchain\",\"description\":\"Blog & Research\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/cropped-ABCH_Logo_blue-black.png\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#organizationLogo\",\"width\":5268,\"height\":825},\"image\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#organizationLogo\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/aleksandra-yudina\\\/#author\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/aleksandra-yudina\\\/\",\"name\":\"Aleksandra Yudina\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#authorImage\",\"url\":\"https:\\\/\\\/abchprod.wpengine.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/Frame-331-1-96x96.png\",\"width\":96,\"height\":96,\"caption\":\"Aleksandra Yudina\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#webpage\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/\",\"name\":\"2022 Solana Hacks Explained: Solend - Ackee Blockchain\",\"description\":\"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend's Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend's team, the attacker previously attempted to exploit the platform on October 28, when he pumped\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/aleksandra-yudina\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/aleksandra-yudina\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/Solden-1.png\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#mainImage\",\"width\":1972,\"height\":1360},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/2022-solana-hacks-explained-solend\\\/#mainImage\"},\"datePublished\":\"2023-01-31T14:48:47+02:00\",\"dateModified\":\"2023-01-31T14:48:47+02:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/\",\"name\":\"Ackee Blockchain\",\"description\":\"Blog & Research\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"2022 Solana Hacks Explained: Solend - Ackee Blockchain","description":"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend's Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend's team, the attacker previously attempted to exploit the platform on October 28, when he pumped","canonical_url":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#blogposting","name":"2022 Solana Hacks Explained: Solend - Ackee Blockchain","headline":"2022 Solana Hacks Explained: Solend","author":{"@id":"https:\/\/ackee.xyz\/blog\/author\/aleksandra-yudina\/#author"},"publisher":{"@id":"https:\/\/ackee.xyz\/blog\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/01\/Solden-1.png","width":1972,"height":1360},"datePublished":"2023-01-31T14:48:47+02:00","dateModified":"2023-01-31T14:48:47+02:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#webpage"},"isPartOf":{"@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#webpage"},"articleSection":"Exploits, Hacks, Solana, exploit, Hack, Solana, Solana security"},{"@type":"BreadcrumbList","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog#listItem","position":1,"name":"Home","item":"https:\/\/ackee.xyz\/blog","nextItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/hacks\/#listItem","name":"Hacks"}},{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/hacks\/#listItem","position":2,"name":"Hacks","item":"https:\/\/ackee.xyz\/blog\/category\/hacks\/","nextItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/hacks\/exploits\/#listItem","name":"Exploits"},"previousItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/hacks\/exploits\/#listItem","position":3,"name":"Exploits","item":"https:\/\/ackee.xyz\/blog\/category\/hacks\/exploits\/","nextItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#listItem","name":"2022 Solana Hacks Explained: Solend"},"previousItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/hacks\/#listItem","name":"Hacks"}},{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#listItem","position":4,"name":"2022 Solana Hacks Explained: Solend","previousItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/hacks\/exploits\/#listItem","name":"Exploits"}}]},{"@type":"Organization","@id":"https:\/\/ackee.xyz\/blog\/#organization","name":"Ackee Blockchain","description":"Blog & Research","url":"https:\/\/ackee.xyz\/blog\/","logo":{"@type":"ImageObject","url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#organizationLogo","width":5268,"height":825},"image":{"@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#organizationLogo"}},{"@type":"Person","@id":"https:\/\/ackee.xyz\/blog\/author\/aleksandra-yudina\/#author","url":"https:\/\/ackee.xyz\/blog\/author\/aleksandra-yudina\/","name":"Aleksandra Yudina","image":{"@type":"ImageObject","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#authorImage","url":"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2024\/08\/Frame-331-1-96x96.png","width":96,"height":96,"caption":"Aleksandra Yudina"}},{"@type":"WebPage","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#webpage","url":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/","name":"2022 Solana Hacks Explained: Solend - Ackee Blockchain","description":"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend's Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend's team, the attacker previously attempted to exploit the platform on October 28, when he pumped","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/ackee.xyz\/blog\/#website"},"breadcrumb":{"@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#breadcrumblist"},"author":{"@id":"https:\/\/ackee.xyz\/blog\/author\/aleksandra-yudina\/#author"},"creator":{"@id":"https:\/\/ackee.xyz\/blog\/author\/aleksandra-yudina\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/01\/Solden-1.png","@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#mainImage","width":1972,"height":1360},"primaryImageOfPage":{"@id":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/#mainImage"},"datePublished":"2023-01-31T14:48:47+02:00","dateModified":"2023-01-31T14:48:47+02:00"},{"@type":"WebSite","@id":"https:\/\/ackee.xyz\/blog\/#website","url":"https:\/\/ackee.xyz\/blog\/","name":"Ackee Blockchain","description":"Blog & Research","inLanguage":"en-US","publisher":{"@id":"https:\/\/ackee.xyz\/blog\/#organization"}}]},"og:locale":"en_US","og:site_name":"Ackee Blockchain - Blog &amp; Research","og:type":"article","og:title":"2022 Solana Hacks Explained: Solend - Ackee Blockchain","og:description":"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend's Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend's team, the attacker previously attempted to exploit the platform on October 28, when he pumped","og:url":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/","og:image":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png","og:image:secure_url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png","article:published_time":"2023-01-31T12:48:47+00:00","article:modified_time":"2023-01-31T12:48:47+00:00","twitter:card":"summary","twitter:title":"2022 Solana Hacks Explained: Solend - Ackee Blockchain","twitter:description":"Solend is a decentralized lending and borrowing protocol on Solana. On November 2, 2022, an attacker drained assets from Solend's Stable, Coin98, and Kamino isolated pools resulting in $1.26M of bad debt. Exploit Details Based on the report from Solend's team, the attacker previously attempted to exploit the platform on October 28, when he pumped","twitter:image":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png"},"aioseo_meta_data":{"post_id":"455","title":null,"description":null,"keywords":[],"keyphrases":{"focus":{"keyphrase":"","score":0,"analysis":{"keyphraseInTitle":{"score":0,"maxScore":9,"error":1}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":[],"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"BlogPosting","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"limit_modified_date":false,"ai":null,"created":"2023-01-31 12:48:47","updated":"2023-01-31 12:57:17","breadcrumb_settings":null,"seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/ackee.xyz\/blog\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/ackee.xyz\/blog\/category\/hacks\/\" title=\"Hacks\">Hacks<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/ackee.xyz\/blog\/category\/hacks\/exploits\/\" title=\"Exploits\">Exploits<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t2022 Solana Hacks Explained: Solend\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/ackee.xyz\/blog"},{"label":"Hacks","link":"https:\/\/ackee.xyz\/blog\/category\/hacks\/"},{"label":"Exploits","link":"https:\/\/ackee.xyz\/blog\/category\/hacks\/exploits\/"},{"label":"2022 Solana Hacks Explained: Solend","link":"https:\/\/ackee.xyz\/blog\/2022-solana-hacks-explained-solend\/"}],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/01\/Solden-1-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/01\/Solden-1-600x600.png","author_info":{"display_name":"Aleksandra Yudina","author_link":"https:\/\/ackee.xyz\/blog\/author\/aleksandra-yudina\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/455","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=455"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/455\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/456"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=455"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=455"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/tags?post=455"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}