Decentralized financial platform (DeFi) Yam Finance admits that it recently suffered an attack on its governance protocol. The incident occurred on July 7 yesterday. However, Yam Finance only realized it 2 days later, on July 9th to be exact. Even so, they claim to have managed to thwart the attack by the hacker.
Yam Finance admitted that it was realized thanks to the pings made by trent, samczsun and yambot. In short, the attack took place in Yam’s decentralized autonomous organization (DAO) protocol, which is where the protocol’s governance center resides. It is strongly suspected that the purpose of the powerful attack is to take control of the DeFi protocol’s financial reserves.
The allegation appeared to see the hacking scheme that occurred. Hackers create malicious contracts and delegate those contracts to Yam, Yam Governance, Yam Incentivizer, as well as Sushi Liquidity Providers (LP). The purpose of the contract is to influence the user into accepting the fake proposal being offered. If the deal is successful, the bad actors will have the ability to control Yam Finance’s reserves.
Previously, hackers also made deposits to liquidity providers (LP) and staking to deceive users. Actually the hackers had reached the quorum, but Yam Finance realized it. They immediately canceled the dangerous proposal.
As soon as they realized that their actions were exposed, the hackers immediately transferred back the funds they had injected in the prison to their wallet address, then transferred them to Ether (ETH).
For your information, the hacker was tracked using the wallet address: 0x4429ABbF523bEf0f1E934B04CFf8584955C72548.
There is US$3.1 Million in Treasury Yam Finance
According to Deepdao data, there is US$3.1 million in Yam Finance’s treasury. Yam Finance considers the pattern of the hackers this time to be similar to the actions that took place in 2021 ago.
On the other hand, Yam Finance is also facing a disputed vote. In a follow-up Twitter thread, the platform informed that there was a snapshot proposing that treasuries could be redeemed at a pro-rated rate. This proposal managed to pass by a narrow margin. However, oddly enough, many users claim to be unaware of the proposal and how it came about.
Therefore, Yam Finance proposes to hold a re-vote while giving time for discussion.
“Although we disagree with the proposal, but we leave it all up to token holders to decide Yam’s future,” he wrote.
Furthermore, it was explained that within the next one week, the re-election process would begin, in which the voting power was equal. Each snapshot block will be equivalent to the original vote.
Yam Finance can be proud of having succeeded in stopping the looting plan that befell him. As we all know, crypto assets have been growing in popularity lately, so it’s not surprising that in the end many bad guys also try to enter with the aim of robbing their financial assets.
The action that took place in Yam also happened on a DAO platform called AssangeDAO earlier this year. While Yam was on the verge of losing their treasury funds, AssangeDAO’s users had experienced a lot of fraud, according to reports. The bad guys used fake AssangeDAO accounts and scammed 539 users.
AssangeDAO itself is a platform meant for fundraising. The platform managed to collect 17,422 ETH and used it to bid on digital assets in the form of “clocks” at an auction price of 16,593 ETH.
Blockchain security company Peckshield, via a Twitter thread, said that they detected a fake AssangeDAO using a fake #MEME token as well.