Trusted

Tornado Cash Governance Compromised: TORN Price Dips 25%

2 mins
Updated by Ryan Boltman
Join our Trading Community on Telegram

In Brief

  • An attacker has seized control of Tornado Cash governance.
  • The hacker has over 1 million of the crypto mixer's native token.
  • TORN fell more than 25% during the reporting period.
  • promo

Popular crypto mixer Tornado Cash TORN token dropped by more than 30% after a malicious player hijacked its governance to steal over 480,000 tokens from its vault.

According to on-chain data, the attacker sold 379,000 tokens for 375 ETH (roughly $680,000) and still has 97,700 TORN tokens in their wallet. Available information also showed that the hacker deposited 6,000 tokens on Bitrue.

How the Attack Happened

Interestingly, the hacker deposited their profits from dumping TORN into the Tornado Cash mixer, according to a Peckshield report.

TORN BiTrue Deposits
TORN BiTrue Deposits (Source: PeckShield)

Paradigm researcher Samczsun explained that the attacker gained control of Tornado Cash governance by creating a malicious proposal. The hacker falsely claimed that the proposal used a similar logic to an earlier proposal.

However, unknown to the community, the attacker had added an emergency-stop function that allowed them to update the proposal logic to grant themselves 1.2 million votes.

Tornado Cash Malicious Proposal Code
Tornado Cash Malicious Proposal (Source: Samczsun)

The hacker gained complete control of the DAO as their votes were more than the 700,000 legitimate votes of the OFAC-sanctioned crypto mixer members.

What This Means for Tornado Cash

According to Samczsun, the attacker’s control over the protocol’s governance could allow them to withdraw locked tokens, brick the router, and drain all the tokens in the governance contract.

However, the governance control does not allow the hacker to drain individual pools. So, anyone can still use Tornado Cash to move funds and not worry that the hacker will steal it.

But the attacker can access Tornado Cash Nova deployed on the Gnosis chain. This is a proxy administered by governance which means the attacker can update the contract to drain all the ETH in the pool. There are currently 510.8 WETH worth over $928,000 in the contract.

TORN Value Falls

Following the news, the TORN token has fallen by more than 25% to $4.69 as of press time, according to BeInCrypto data. The attack has also pushed the total market cap of the crypto token to less than $10 million.

TORN Price Performance
TORN Price Performance (Source: BeInCrypto)

Meanwhile, crypto exchanges like Binance have temporarily suspended deposits of the token to protect their users. However, Justin Sun’s Huobi and Poloniex maintain that deposits and withdrawals for TORN remain active. Sun added:

“We’re closely monitoring the situation and may adjust our policy as required to ensure secure. We appreciate your understanding and support.”

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Oluwapelumi-Adejumo.png
Oluwapelumi Adejumo
Oluwapelumi Adejumo is a journalist at BeInCrypto, where he reports on a broad range of topics including Bitcoin, crypto exchange-traded funds (ETFs), market trends, regulatory shifts, technological advancements in digital assets, decentralized finance (DeFi), blockchain scalability, and the tokenomics of emerging altcoins. With over three years of experience in the industry, his works have been featured in major crypto media outlets such as CryptoSlate, Coinspeaker, FXEmpire, and Bitcoin...
READ FULL BIO
Sponsored
Sponsored