iHodl.com
The Tornado Cash DAO organization suffered a hacker attack, giving an unidentified attacker a full control over the smart contract. On May 20, 2023, Paradigm’s analytic @samczsun said in a tweet that Tornado Cash governance effectively ceased to exist due to a “malicious proposal”, which granted the attacker 1,200,000 votes.
Subscribe to our Telegram channel to get daily short digests about events that shape the crypto world
The attacker used an earlier proposal as an example — which had successfully passed — and hid an extra malicious function, which allowed changing the logic of the DAO contract.
“Once the proposal was passed by voters, the attacker simply used the emergencyStop function to update the proposal logic to grant themselves the fake votes,” samczsun said.
OFAC Doubles Down on Sanctions Against Tornado Cash
As a result, the bad actor can now withdraw all the locked votes, drain all the tokens in the governance contract and even brick the router, the analyst said. Shortly after the news broke, TORN price plunged 40% to $4.44.
Binance said it had temporarily paused TORN deposits until further notice, citing “circumstances surrounding the protocol.” Huobi’s stakeholder Justin Sun said in a tweet deposits and withdrawals of TORN remain active on Huobi and Poloniex despite the incident.
Access more than 50 of the world’s financial markets directly from your EXANTE account – including NASDAQ, London Stock Exchange and Tokyo Stock Exchange
Источник: ru.ihodl.com