Popular crypto mixer Tornado Cash has lost control of its governance to an attacker who slipped a malicious contract through a vote and used it to grant himself more than a million fake votes. The attack was first flagged by @samczsun, a researcher at Web3-focused investment firm Paradigm.
In the proposal description, the attacker claimed to have reused the logic of a previously passed proposal, without mentioning that an extra function had been added to the contract.
However, in a recent development, the attacker "posted a new proposal to restore the governance status quo," according to a post on the mixer's community forum.
The Tornado Cash attacker implemented a new proposal that, when executed, would revert the damage done to governance functionality. Either they are blatantly trolling, or this will be an expensive but not disastrous lesson in security.
— 0xdeadf4ce (@0xdface) May 21, 2023
Attacker Seized Tornado Cash Governance
Immediately after Tornado Cash voters passed the proposal, the exploiter called the proposal contract's emergencyStop function, which self-destructed it, and redeployed different code at the same address. When the proposal was executed, that replacement logic granted the attacker 1.2 million fake votes, against roughly 700,000 legitimate votes in existence, handing him complete control of the mixer's governance.
With complete control, the attacker can pass any proposal he likes: roll back all locked votes, drain every TORN token held in the governance contract, or brick the router. The individual mixing pools, however, are beyond governance's reach and cannot be emptied.
"After all, what can we learn from this? Be careful who you vote for! While we all know that proposal details can lie, proposal logic can lie too! If you depend on verified source code remaining the same, make sure the contract doesn't have the ability to self-destruct," samczsun warned.
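Samczsun's advice is checkable. Governance executes whatever code sits at the proposal address at execution time, so a reviewer should pull the runtime bytecode at that address and look for opcodes that let the deployer erase or swap the code (SELFDESTRUCT) or run someone else's code in the contract's storage context (DELEGATECALL, CALLCODE). The Python below is an added example written for this article; it is not code from Tornado Cash or from any of the people quoted, and every bytecode sample in it is constructed by hand. It shows why a raw byte search for 0xFF is wrong (the byte also appears inside PUSH immediates and in the solc metadata trailer) and how a small disassembler that skips PUSH data avoids those false positives:

```python
"""Added example (not from the article, nor code from Tornado Cash): scan EVM
runtime bytecode for opcodes that let a contract replace or erase its own code,
the property samczsun warns about. All bytecode below is constructed by hand."""

from typing import Iterator, List, Tuple

PUSH1, PUSH32 = 0x60, 0x7F

# Opcodes that undermine the "verified source == deployed behaviour" assumption:
# SELFDESTRUCT lets the code at an address be removed (and, via CREATE2, replaced);
# DELEGATECALL/CALLCODE run foreign code in the contract's own storage context.
DANGEROUS = {0xFF: "SELFDESTRUCT", 0xF4: "DELEGATECALL", 0xF2: "CALLCODE"}


def strip_metadata(code: bytes) -> bytes:
    """Heuristically drop the CBOR metadata trailer solc appends to runtime
    bytecode; its last two bytes hold the trailer's big-endian length. The
    trailer is data, not code, so it must not be disassembled."""
    if len(code) < 2:
        return code
    n = int.from_bytes(code[-2:], "big")
    if 0 < n <= len(code) - 2:
        return code[: len(code) - 2 - n]
    return code


def disassemble(code: bytes) -> Iterator[Tuple[int, int, bytes]]:
    """Yield (offset, opcode, immediate). PUSH1..PUSH32 carry 1..32 bytes of
    immediate data, which are skipped rather than decoded as opcodes."""
    pc = 0
    while pc < len(code):
        op = code[pc]
        width = op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0
        yield pc, op, code[pc + 1 : pc + 1 + width]
        pc += 1 + width


def find_dangerous(code: bytes, strip_trailer: bool = True) -> List[Tuple[int, str]]:
    """Return (offset, mnemonic) for every real dangerous opcode in the code."""
    if strip_trailer:
        code = strip_metadata(code)
    return [(pc, DANGEROUS[op]) for pc, op, _ in disassemble(code) if op in DANGEROUS]


def naive_contains_selfdestruct(code: bytes) -> bool:
    """The tempting but wrong check: a raw byte search cannot tell an opcode
    from PUSH data or metadata."""
    return 0xFF in code


# --- constructed samples (hypothetical, not real deployed contracts) ---------
# PUSH1 0xFF; PUSH1 0x00; MSTORE; STOP -> stores a constant, no SELFDESTRUCT
BENIGN = bytes.fromhex("60ff" "6000" "52" "00")

# Same benign code followed by a fake solc-style metadata trailer full of 0xFF
_TRAILER_BODY = b"\xa2\x64ipfs\x58\x22" + b"\xff" * 34 + b"\x64solc\x43\x00\x08\x13"
BENIGN_WITH_METADATA = BENIGN + _TRAILER_BODY + len(_TRAILER_BODY).to_bytes(2, "big")

# CALLER; SELFDESTRUCT -> the caller can delete this contract's code, i.e. an
# "emergency stop" that also lets the deployer put new code at the same address
KILLABLE = bytes.fromhex("33" "ff")

# PUSH20 <20 bytes of immediate>; SELFDESTRUCT -> real opcode after the push data
KILLABLE_PUSH20 = bytes.fromhex("73" + "11" * 20 + "ff")

if __name__ == "__main__":
    for name, code in [("BENIGN", BENIGN), ("BENIGN_WITH_METADATA", BENIGN_WITH_METADATA),
                       ("KILLABLE", KILLABLE), ("KILLABLE_PUSH20", KILLABLE_PUSH20)]:
        print(f"{name:22} naive={naive_contains_selfdestruct(code)!s:5} "
              f"real={find_dangerous(code)}")
```

Two caveats for anyone using this on a live proposal. First, run it on the bytecode fetched from the chain (eth_getCode) at the proposal address, not on the bytecode a block explorer displayed when voting opened; the whole point of the attack is that those can differ. Second, the scanner treats every byte after the metadata trailer as reachable code, so data embedded mid-code can produce a false positive; that errs on the safe side, and a flagged SELFDESTRUCT or DELEGATECALL is reason to reject the proposal, not to explain it away.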
TORN Tokens Worth Over $2.1M Stolen
According to a tweet by the Web3 media account @whalecointalk, shortly after Tornado Cash's governance was compromised the exploiter withdrew roughly 473,000 TORN, the mixer's native token, worth more than $2.1 million at the time, from the governance contract. The attacker then sold the tokens on-chain and deposited the proceeds back into Tornado Cash.
Tornadosaurus-Hex, an active member of the Tornado Cash community, confirmed that the attack had compromised all funds held by governance and urged members to withdraw the assets they had locked in the contract.
Alongside that warning, Tornadosaurus-Hex has also deployed a contract intended to revert the attacker's changes.
"A proposed solution to the attack that could potentially be viable is directly reverting the state changes made by the attacker to the contract. As such, I have deployed a contract that should be able to do exactly this... Please check it out and offer [feedback] if possible. Let's see if we can get it; otherwise we are in a mess, I would say," said the community member.
As many expected, the project's native token plummeted once the news surfaced. TORN had climbed to $7.3 on May 20 but lost nearly 40% of its value over the following days and now trades at around $4.5.