Get 40% Off
🤯 This Tech Portfolio is up 29% YTD! Join Now to Get April’s Top PicksGet The Picks – Just 99 USD

Researcher Unveils Scammer Behind Failed Swerve $1M Governance Attack

Published 2023-03-25, 10:25 a/m
Updated 2023-03-25, 10:45 a/m
© Reuters.  Researcher Unveils Scammer Behind Failed Swerve $1M Governance Attack

© Reuters. Researcher Unveils Scammer Behind Failed Swerve $1M Governance Attack

Coin Edition -

  • A scammer attempted multiple times to steal over $1M from Swerve Finance.
  • The hack failed as the scammer needed more tokens to execute proposals.
  • MyAlgo has unveiled preliminary findings regarding the ongoing security breach.

Igor Igamberdiev, head of research at the well-known market maker Wintermute, recently detailed how a fraudster tried to carry out a governance attack on Swerve Finance, a decentralized finance (DeFi) platform.

Igamberdiev noted that the scammer attempted multiple times in the past week to steal over $1 million in various stablecoins from the protocol but failed due to the platform’s governance structure and the community’s actions.

The researcher explained that Aragon powers Swerve Finance and that voters on the platform use veSWRV to execute proposals. While the attacker owns 495,000 veSWRV tokens, they needed 571,000 to implement proposals.

The tweets provided a timeline of the events that led up to the attack, including messages sent between different addresses, transfers of cryptocurrency, and attempts to create proposals to transfer ownership of the platform. Igamberdiev ultimately suggested that the owner of the “Silvavault” address, with @joaorcsilva username on Twitter, may have been the attacker.

Additionally, the researcher encouraged the community to help protect Swerve from future attacks by transferring ownership to the null address. The null address is an address that cannot be accessed or controlled by anyone, which can help prevent attacks by ensuring that ownership of the platform remains decentralized.

On the other hand, crypto wallet MyAlgo recently released preliminary findings of an ongoing investigation regarding a security breach on its wallet service last month.

According to the report, the attackers allegedly used a man-in-the-middle attack technique to exploit the content delivery platform (CDN) used by MyAlgo to set up a malicious proxy. MyAlgo claimed the proxy then modified the original code with harmful code, presenting a malicious version to users accessing the wallet.

The post Researcher Unveils Scammer Behind Failed Swerve $1M Governance Attack appeared first on Coin Edition.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.