In line with the abstract, the attacker took out a flash mortgage on lending platform Aave which enabled them to amass a considerable amount of Beanstalk’s native governance token, Stalk. With the voting energy granted by these Stalk tokens, the attacker was capable of shortly go a malicious governance proposal that drained all protocol funds into a personal Ethereum pockets.