Tornado Cash Governance Falls Prey to Malicious Hijack
In an alarming incident that highlights the potential vulnerabilities of decentralized systems, an attacker has managed to gain full control of the governance mechanism of Tornado Cash, a popular decentralized crypto mixer.
The attacker orchestrated a malicious proposal that successfully accrued 1.2 million votes on May 20. The proposal, which seemed legitimate at first, won over more than 700,000 legitimate votes, subsequently giving the attacker complete control over Tornado Cash governance.
Once in control, the attacker was able to withdraw all of the locked votes, drain all of the tokens in the governance contract, and cause significant disruption to the router. The fallout from this incident is significant - the attacker managed to extract a total of 483,000 TORN tokens from the Tornado Cash governance vault.
The stolen tokens have already been put into circulation. The attacker has deposited 6,000 TORN into the Bitrue exchange, sold off 379,300 TORN on the chain and exchanged it for 375 ETH (equivalent to approximately 680,000 US dollars). The remainder of the stolen tokens, about 97,700 TORN, is still unaccounted for.
Once in control, the attacker was able to withdraw all of the locked votes, drain all of the tokens in the governance contract, and cause significant disruption to the router. The fallout from this incident is significant - the attacker managed to extract a total of 483,000 TORN tokens from the Tornado Cash governance vault.
The stolen tokens have already been put into circulation. The attacker has deposited 6,000 TORN into the Bitrue exchange, sold off 379,300 TORN on the chain and exchanged it for 375 ETH (equivalent to approximately 680,000 US dollars). The remainder of the stolen tokens, about 97,700 TORN, is still unaccounted for.
