$TOP Governance Exploit Drains $1.59M via Malicious Mint Proposal

Security monitor BlockSec Phalcon (@Phalcon_xyz) reported that the $TOP token was hit by a governance attack, causing losses of about $1.59 million. The attacker took advantage of $TOP"s low market capitalization to cheaply amass more than 50% of the voting power, then pushed through a malicious governance proposal that authorized a large mint of $TOP. The newly minted tokens were swapped for WETH through the Balancer liquidity pool, draining the pool"s liquidity. BlockSec Phalcon urged projects using Lido/Aragon-style governance frameworks to promptly reassess their controls, including voting power distribution, quorum and approval thresholds, and permissions around minting.