Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
The venture capital DAO organization Build Finance tweeted that the project suffered a malicious governance takeover. The malicious actors successfully controlled the Build token contract by getting enough votes, minting 1,107,600 BUILD tokens in three transactions, and spent With most of the funds in Balancer and Uniswap liquidity pools exhausted, attackers continue to take control of the balancer pools via governance contracts and drain the remaining funds including 130,000 METRIC tokens, METRIC liquidity on Uniswap and Fantom Both pools subsequently came under intense selling pressure. As it stands, attackers have full control over governance contracts, minting keys, and treasuries, and the DAO no longer controls any part of critical infrastructure. Attack method (per SlowMist): Governance Attack. Reported loss: 168 ETH.
- chain
- —
- protocol
- Build Finance
- bug_class
- governance
- date_occurred
- 2022-02-15
- loss_usd
- —
- source_id
- sm:build-finance::2022-02-15