
Oracle Manipulation

Oracle manipulation is an attack in which a malicious actor temporarily distorts the price feed used by a DeFi protocol, enabling theft of deposited assets. The typical pattern: the attacker takes a flash loan, executes a large swap on an AMM with thin liquidity to push its reported spot price to an extreme, calls a lending protocol that relies on that AMM's spot price as an oracle, borrows against the manipulated price at a fraudulently favorable rate, and walks away with undervalued collateral or over-borrowed assets. Oracle manipulation attacks have been among the most expensive exploits in DeFi history.

Defenses include using TWAP (time-weighted average price) oracles instead of spot prices, aggregating across multiple oracle sources (Chainlink, Chronicle, Pyth), implementing price deviation circuit breakers, and maintaining minimum liquidity thresholds before accepting a price feed. The economic security of DeFi is fundamentally bounded by the cost of manipulating its weakest oracle.
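The four defenses listed above, combined into one price-acceptance check. This is an added example, not code from the original page or from any named oracle project; the feed names, timestamps, liquidity figures and thresholds are constructed assumptions.

```python
from statistics import median

def twap(observations, now, window):
    """Time-weighted average over [now - window, now].
    observations: ascending (timestamp, price); each price holds until the next one."""
    start = now - window
    if observations[0][0] > start:
        raise ValueError("history does not cover the TWAP window")
    total = 0.0
    for i, (ts, price) in enumerate(observations):
        end = observations[i + 1][0] if i + 1 < len(observations) else now
        lo, hi = max(ts, start), min(end, now)
        if hi > lo:
            total += price * (hi - lo)
    return total / window

def accept_price(feeds, now, window=1800, max_deviation=0.05, min_liquidity=1_000_000):
    """Return (price, reason); price is None when the feed set must not be trusted."""
    # 1. Minimum liquidity threshold: thin venues are cheap to move, so drop them.
    eligible = [f for f in feeds if f["liquidity"] >= min_liquidity]
    if len(eligible) < 2:
        return None, "too few feeds above the liquidity threshold"
    # 2. TWAP per source, then 3. aggregate across sources with a median.
    reference = median(twap(f["observations"], now, window) for f in eligible)
    # 4. Circuit breaker: halt if any eligible source's latest price strays too far.
    for f in eligible:
        spot = f["observations"][-1][1]
        if abs(spot - reference) / reference > max_deviation:
            return None, "circuit breaker: " + f["name"]
    return reference, "ok"

def sample_feeds(pool_liquidity):
    """Constructed data: two steady feeds and one pool whose spot jumps 12 s before now."""
    return [
        {"name": "feed_a", "liquidity": 40_000_000, "observations": [(8000, 2000.0)]},
        {"name": "feed_b", "liquidity": 25_000_000, "observations": [(8000, 2004.0)]},
        {"name": "pool_c", "liquidity": pool_liquidity,
         "observations": [(8000, 2000.0), (9988, 6000.0)]},
    ]

if __name__ == "__main__":
    now = 10_000
    # Spot tripled, but the 30-minute TWAP of the same pool barely moves.
    print(twap(sample_feeds(0)[2]["observations"], now, 1800))
    print(accept_price(sample_feeds(50_000), now))     # thin pool filtered out
    print(accept_price(sample_feeds(5_000_000), now))  # breaker trips, no price served
```

In the constructed data the pool's spot price triples while its 30-minute TWAP rises by about 1.3%, which is why the TWAP and the breaker are checked separately: the first dampens a short spike, the second refuses to serve a price while one is in progress.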