An unknown actor has taken over the Build Finance DAO by using an inflated number of votes to pass a self-serving proposal, allowing the minting of millions of BUILD and other coins and a subsequent getaway, effectively killing the DAO.
According to a Twitter thread, Build Finance DAO suffered a “hostile governance takeover” with the attacker taking control of the key infrastructure from the DAO. By doing this, the malicious actor was able to wreak havoc on the protocol and drain nearly all of its funds, leaving the community out to dry.
The loss cost the DAO an estimated US$470,000 at the time of the incident. Since then the price of BUILD has tanked after the individual sold more than 1 billion coins into the market, flooding the supply.
It is with deep regret that we have to inform the community of this total and irrecoverable loss of BUILD DAO treasury assets through the deeds of one malicious actor.
BUILD Finance DAO tweet
What is a Hostile Governance Takeover?
On February 9, a proposal was made to pass full control of the governance contract, minting keys and treasury to a user named ‘Suho.eth’. After a failed first attempt, the attacker took additional steps to hide evidence of the proposal by disabling the gitbooks and proposal bot.
By sneaking the proposal underneath the radar, the unknown actor used a large supply of tokens to vote through the proposal, allowing total control of the DAO.
With all the access rights, the attacker was able to mint 1.1 billion BUILD tokens as well as drain the liquidity pools on two decentralised exchanges, Balancer and Uniswap. After this, the attacker took a further 130,000 METRIC tokens from the project’s treasury, sold them, and minted an additional 1 billion BUILD tokens.
Since then, the perpetrator has sent a significant amount of funds to the mixing service on Ethereum, Tornado Cash. The funds transferred add up to around 160 ETH, or just over US$500,000 at the time of writing.
A DAO Left With Nothing
After the looting of its treasury and liquidity pools, members of Build Finance tried make contact with the attacker but it seems there is no reparation in sight. With such major damage done to the DAO’s liquidity, it would be difficult to continue with its project goals.
We would welcome a discussion in the discord with community members about the way to move forward from this, but it is difficult to see a future for BUILD with only its brand recognition and IP assets, and no liquid treasury.
Build Finance DAO
Disclaimer:
The content and views expressed in the articles are those of the original authors own and are not necessarily the views of Crypto News. We do actively check all our content for accuracy to help protect our readers. This article content and links to external third-parties is included for information and entertainment purposes. It is not financial advice. Please do your own research before participating.
Credit: Source link
