A Malicious Proposal is Used by the Attacker to Seize Control of Tornado Cash Governance

Published on:

Last Updated on May 21, 2023 by Bitfinsider

The Tornado Cash DAO’s governance system was completely under the hands of the attacker when they succeeded in getting a malicious proposal previously approved by the organization.

The Ethereum-based cryptocurrency mixing platform called Tornado Cash has received approval from the US Treasury. Its governance structure, which is managed by those who own the project’s native TORN tokens, regulates protocol updates.

On May 20, the governance system accepted an upgrade that was ostensibly identical to a prior upgrade that had been approved. However, that wasn’t the case because the attacker had included a further function, according to a security researcher going by the alias Samczsun on Twitter. When the modification was approved, the assailant exploited this feature to give themselves an additional 1.2 million votes, effectively giving them control over the whole political system.

This control has already been exploited by the attacker. They immediately removed 10,000 tokens representing votes in the form of TORNs and sold them all for $25,600. The remaining locked votes were then emptied, according to Samczsun.

According to on-chain analyzer EmberCN, 483,000 TORN were removed from the vault in total. They stated that 6,000 TORN were put on the cryptocurrency market Bitrue, 379,000 were sold for ether on-chain for $680,000, and just under 100,000 TORN are still in the attacker’s possession.

Wu Blockchain reports that Binance indicated it will halt TORN deposits and withdrawals, however Justin Sun said on Twitter that Huobi would continue to accept deposits and withdrawals of the token.

Samczsun pointed out that an attacker who has access over the governance system can easily drain all of the tokens from the governance contract and disable the router, which is essential to how the protocol functions. On the other hand, the researcher pointed out that, with the exception of one pool on the Gnosis Chain, which is upgradeable, the attacker is unable to drain the funds that are kept within the protocol—such as ether that’s being used for mixing.

From a high of $7.3 yesterday to as low as $3.75 today, the price of TORN has decreased. Since then, it has increased to $4.60.

Hardware wallets are safe and secure devices that can be used offline. They keep your cryptocurrency offline, making it impossible for you to be hacked. To find out more on the leading hardware wallets, you may view our reviews here: Ledger & Trezor
Disclaimer: The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, legal, tax or other advice. Investing in or trading cryptocurrency or stocks comes with a risk of financial loss.