The developers of the DeFi protocol Yam Finance prevented a cyber attack aimed at transferring control over the project’s reserves to an unknown third party.
According to the team, the attack, which began on June 7, was discovered two days later. The delay is because the hacker presented a proposal to control the protocol using internal transactions.
The malicious offer contained an unverified smart contract designed to transfer control of Yam Finance's reserves to an address associated with the attacker's wallet. If the attacker had managed to gather a quorum for the proposal to be accepted by a majority of the community, he would have gained access to Yam Finance assets worth $3.1 million.
The protocol team faced a similar attack in December 2021.
Trending: Finder: Bitcoin could hit $80,000 by 2025
The incident comes amid a struggle to manage the Yam Finance ecosystem associated with the project's vault. The current model was approved by more than 54%, but now some members of the community have put forward a proposal to re-vote.
Yam Finance emerged during the early DeFi boom in the summer of 2020. Two days after the start of the project, the price of the native token collapsed by 99% per day. The reason was a discovered vulnerability in the protocol management system.
Recall that in March, the Ronin sidechain involved in Axie Infinity was subjected to a hacker attack. The attackers withdrew crypto assets worth about $625 million. The hack was the largest in the history of the DeFi segment.
Trending: Salvadorans are against buying bitcoins at the expense of the budget
Later, experts found that spyware was used in the attack on Ronin.