Login
Sign Up
Woofun AI reports that the BarnBridge SMART Yield cUSDC protocol on Ethereum suffered a governance attack causing approximately $776,000 in losses. The attacker acquired DAO governance rights and upgraded the SmartYield/controller proxy to a malicious implementation contract. This contract invoked the _takeUnderlying privileged function of CompoundProvider, leveraging pre-existing USDC approvals from 50 user accounts to transfer aggregated funds to the attacker via transferFees.