The synthetic asset protocol on Terra blockchain is under "governance attack." The "hacker" is looking forward to stealing $30 million worth of MIR tokens via the initiated Proposal 185, which was disguised as a cooperation request with the Solana network.
According to the proposal's description, it was created to allow cooperation with a Solana ecosystem listing on an Orderbook decentralized exchange. The recipient address should have gotten 15 million MIR tokens.
According to the screenshot shared by WuBlockchain, more than 1.78 MIR have been sent in favor of the proposal, while 2.3 million MIR have been sent on the "No" address that would decline the proposal.
The synthetic asset protocol Mirror on the Terra is suspected of being under a governance attack. The attacker initiated Proposal 185, disguised as a request for cooperation with Solana, trying to defraud 15 million MIR tokens from the community fund pool . pic.twitter.com/Ct0OumFCil— Wu Blockchain (@WuBlockchain) December 25, 2021
More likely, the governance attack has failed and funds will not be sent to the scammer's wallet. Funds spent on voting will also be transferred back to users.
The "governance attack" principle
Blockchain and projects with an implemented governance mechanism quite often become victims of governance attacks that are aimed at draining projects' funding wallets or even stealing funds from users directly, depending on the mechanism's functionality.
With the help of numerous wallets and large collateral, hackers or scammers are able to generate votes with fake addresses that will receive funding tokens or coins for the realization of the proposal. But instead of spending money on the proposal's realization, scammers sell assets on decentralized exchanges and disappear.
The scamming scheme is being realized by sending money to the "Yes" option address. Since most protocols send users' funds back to their wallets, scammers are able to drain funding wallets without spending even the smallest part of their initial collateral.