Investors Beware: Swerve Finance’s $1.3M Hack Shows Risks of Abandoned Platforms!

Key Points:

• Swerve Finance, a DeFi project, is currently undergoing a governance attack trying to steal $1.3M in stablecoins. This attack has been ongoing for over a week.
• The attacker is attempting to gain voting power to execute proposals that would transfer ownership of Swerve’s remaining funds to the attacker’s contract.
• Wintermute’s Head of Research claims to have identified the identity of the attacker and has encouraged them to stop the attack and help the community protect Swerve from future attacks.

Swerve Finance, a decentralized finance (DeFi) project, was created as a clone of Curve Finance, a popular DeFi platform. However, Swerve Finance has since been shut down, and it is currently in the middle of a live governance exploit. This exploit has been ongoing for over a week and is attempting to steal $1.3 million in stablecoins.

A governance attack is a type of hacking where the attacker gains enough voting power to execute proposals designed to steal tokens from a protocol. In Swerve Finance’s case, the attacker is attempting to gain voting power to execute two proposals that would transfer ownership of Swerve’s remaining funds, worth $1.3 million, to the attacker’s contract. The attacker, who is referred to as “Exploiter A” in this article, launched the attack with 348,000 of Swerve’s governance tokens. However, the attacker did not have enough tokens to meet the 51% token ownership required to pass the proposal.

On-chain data shows that the attacker requested assistance from another address, which is referred to as “Exploiter B.” This new entity soon began voting on the proposal with 102,000 Swerve governance tokens. However, the combined voting power between these two attackers was still not enough to pass the malicious governance proposal.

Wintermute’s Head of Research, Igor Igamberdiev, claims to have unmasked the identity of the exploiter. He provided a trail of on-chain evidence, including transactions routed via the sanctioned crypto mixer Tornado Cash, that linked to a specific individual. The analysis links wallet addresses associated with this individual to Exploiters A and B responsible for the governance attack.

Igamberdiev is “100%” sure that the individual he identified is the exploiter. He added that timing is the usual heuristic to connect deposits and withdrawals. For context, timing refers to the numerous instances where deposits and withdrawals linked to the individual and the two exploiter addresses appear to be connected.

Igamberdiev stated that it is not too late for the exploiter to stop the attack. He encouraged the exploiter to help the community protect Swerve from future attacks, for example, by transferring ownership to the null address.

Swerve Finance, a defunct Curve Finance clone, is currently in the middle of a live governance exploit to steal $1.3 million in stablecoins. The attacker, who has not been identified, is attempting to gain voting power to execute proposals that would transfer ownership of Swerve’s remaining funds to the attacker’s contract. Wintermute’s Head of Research claims to have identified the identity of the attacker and has encouraged them to stop the attack and help the community protect Swerve from future attacks.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Annie

Coincu News