Swerve Finance, a defunct Curve Finance clone, is still in the midst of a live governance exploit to steal $1.3 million in stablecoins, which is viewable on-chain, and details may have emerged unmasking the alleged exploiter behind the attack. To summarize, someone has attempted to launch a governance attack against Swerve Finance. A governance attack occurs when a hacker gains enough voting power to carry out proposals designed to steal tokens from a protocol. The attack on Swerve Finance has been ongoing for more than a week. The governance attack began with an address owned by an entity we’ll refer to as “Exploiter A” for the purposes of this article. This address accomplished this by submitting two proposals to the attacker’s contract to transfer ownership of Swerve’s remaining funds (worth $1.3 million). The exploiter attempted to launch this attack using 348,000 Swerve governance tokens but was unsuccessful. This is because the attacker lacked the required 51% token ownership to pass the proposal. On-chain data show exploiter A requesting help from another address, which we’ll refer to as “Exploiter B.” With 102,000 Swerve governance tokens, this new entity quickly began voting on the proposal. These two entities’ combined voting power is still insufficient to pass the malicious governance proposal.
Full story : Defunct Swerve Finance Still Subject of $1.3 million Live Governance Hack.