TechFlow News: On March 26, according to The Block, the Moonwell DeFi lending protocol suffered a governance attack on its Moonriver deployment. The attacker spent approximately $1,800 to acquire roughly 40 million MFAM tokens and completed the entire process—including purchasing tokens, submitting a proposal, and achieving quorum—in about 11 minutes. If executed, this malicious proposal would transfer administrative control over seven lending markets, the Comptroller, and the oracle to a contract controlled by the attacker, enabling them to withdraw approximately $1.08 million in user funds.
Voting remains open until March 27. Although the majority of votes have shifted to “against,” the final outcome remains uncertain. The protocol features a “Break Glass Guardian” emergency multisig mechanism capable of intervening before proposal execution. This incident once again exposes structural risks inherent in decentralized governance—namely, uneven token distribution and low participation. Notably, Moonwell previously incurred an $1.8 million bad debt loss in February 2026 due to an oracle configuration error.
