A high-ranking MakerDAO governance delegate has suffered a huge $11 million loss in a phishing scam involving Aave Ethereum Maker (aEthMKR) and Pendle USDe tokens.
Scam Sniffer detected the Scam in the early hours of June 23. The unsuspecting delegate fell prey to the phishing attack after signing multiple signatures, a series of actions that ultimately led to the unauthorized transfer of their crypto assets.
The heart of the phishing scam lies in the exploitation of an important figure within the MakerDAO system. The senderâs address, identified as â0xfb94d3404c1d3d9d6f08f79e58041d5ea95accfa,â dispatched 3,657 aEthMKR tokens to the recipient address â0x739772254924a57428272f429bd55f30eb36bb96.â
In an alarming 11 seconds, the transaction was confirmed, sealing the fate of the stolen assets. According to Colin Wu, Arkhamâs analysis revealed that the victim was indeed a MakerDAO governance delegate.
This delegate plays a key role in MakerDAOâs governance, contributing to vital decision-making processes that shape the protocolâs future.
Related: MakerDAO announces launch of two new tokens
Delegates within MakerDAO are tasked with voting on various governance proposals, polls, and executive votes. Their influence is substantial, impacting major decisions within the Maker protocol.
These delegates, alongside MKR token holders, determine the outcomes of proposals that progress from initial discussions to final executive votes.
When a proposal gains approval, it is not immediately implemented. Instead, it enters a waiting period known as the Governance Security Module (GSM). This interval acts as a security buffer, preventing abrupt changes to the protocol and ensuring a period for reconsideration or potential veto.
đšđ 5 hours ago, a victim lost $11 million worth of aEthMKR and Pendle USDe tokens due to signing multiple Permit phishing signatures. pic.twitter.com/9jhgQMdkl9
â Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) June 23, 2024
The phishing scam has far-reaching implications for MakerDAOâs governance and security. With the delegate compromised, there is an immediate concern about the integrity and security of the voting process.
Delegates are pivotal in ensuring the governance framework operates smoothly, making informed decisions affecting the entire protocol.
The loss of such a significant amount of aEthMKR and Pendle USDe tokens impacts the delegate personally. It raises questions about the security measures in place to protect other delegates and stakeholders in the system.
Jai Hamid