As known from:
known from Coinwireknown from Benchknown from Coinindex
  • About CryptoGmblr.com
Contains commercial content
Cryptogambling / Attackers Exploits Tornado Cash Dao via Vote Fraud

Attackers Exploits Tornado Cash Dao via Vote Fraud

Publish Date: 22/05/2023
Key Points
  • Tornado Cash Dao faced a cyber security attack via a malicious proposal.
  • The attacker withdrew 10,000 votes as Tron and sold them.
  • Tornado Cash is scouting for developers to improve security in the protocol.

A malicious proposal has opened the gates for a cyber attack on Tornado Cash Governance.

The attacker withdrew all the locked votes, as well as the tokens in the governance contract and bricked the router after gaining full control.

At the start of the weekend, the attacker published a malicious proposal that hid the code function which grants access to fake votes which can be used to manipulate Tornado Cash, its token as well as withdraw the locked Torn tokens.

According to @samczsun of research-driven technology investment firm Paradigm, the proposal received more than 700,000 legitimate votes.

@samczsun.com
2023-05-22 09:58
On 2023/05/20 at 07:25:11 UTC, Tornado Cash governance effectively ceased to exist. Through a malicious proposal, an attacker granted themselves 1,200,000 votes. As this is more than the ~700,000 legitimate votes, they now have full control. https://t.co/nY87XmrYgT https://t.co/h9qjc3xRqz
1947 110

In his tweet, he added that the attacker used a technique similar to a proposal that has already been passed by the community. Although, the proposal had other functions at this time.

Clarifying the function of this malicious proposal, @samczsun explained that:

“Once the proposal was passed by voters, the attacker simply used the emergency-stop function to update the proposal logic to grant themselves the fake votes.”

The total amount of voters withdrawn by the attacker is 10,000 as TORN and sold it all, added by @samczsun

More About The Attack

Although the attack was not directed at the Tornado Cash protocol responsible for users to send funds through the service so as to hide the movement of funds and crypto addresses.

Meanwhile, Tornadosaurus-Hex, an active community for Tornado Cash affirmed that funds in Governance are compromised and advised users to quickly withdraw all their funds locked on the platform. According to a Tornado Cash community developer at the time this incident happened:

“There was an attack on the protocol this morning that you already know about. All day, another community developer and I thought about what to do, but the situation is close to hopeless – currently, the attacker controls Governance.”

Tornado Cash Scouting for Developers

The community added that they are trying to put a solution in place towards reverting the damages caused by this attack.

According to the organisation, they are currently in search of solidarity developers that can help salvage the protocol. The team additionally stated that they need to work closely with Binance because the exchange platform has more tokens than the attacker.

What Tornado Cash Users Need to Know

A former developer of the platform Tornado Cash is working on building a new crypto-mixing service from scratch to address the flaw existing in the protocol.

Ameen Soleimani
2023-05-22 09:58
1/ We fixed @tornadocash ๐Ÿ˜‡ v0 of https://t.co/Nt4b2Tgx1D is live on @optimismFND test out the demo, but please note: – this is experimental code – it has not been audited – the trusted setup is untrusted read the full story anon ๐Ÿงต๐Ÿ‘‡ https://t.co/9nAU3RrgpN
1809 77

The developer added that in the hope of finding a solution to this cyber attack, he hopes that the solution will protect against further attacks on the operations of the system.

Pen Drop

What Tornado Cash users experience today shows that there is a need for users to be watchful with the exchanges and platforms they interact with especially when it comes to making money. It is also safe to say that these platforms need to be on their toes by providing efficient security for the safety of user’s funds.

Top Online Casinos
Top Casinos Bonuses
Stake.us
Stake.us
Stake.us Review
4.6/5
McLuck
McLuck
McLuck Review
4.6/5
High5Casino
High5Casino
High5Casino Review
4.5/5
Sweeptastic
Sweeptastic
Sweeptastic Review
4.5/5
Wow Vegas
Wow Vegas
Wow Vegas Review
4.5/5
Stake.us
Stake.us Bonus
$55 Stake Cash + 260K Gold Coins + 5% Rakeback
T&Cs apply
4.6/5
McLuck
McLuck Bonus
27.5 SC FREE and 57,5K Gold Coins
T&Cs apply
4.6/5
High5Casino
High5Casino Bonus
5 Sweeps Coins + 250 Game Coins + 600 Diamonds
T&Cs apply
4.5/5
Sweeptastic
Sweeptastic Bonus
44 SC FREE and 70K Lucky Coins
T&Cs apply
4.5/5
Wow Vegas
Wow Vegas Bonus
35 SC FREE and 1.75M WOW Coins
T&Cs apply
4.5/5
Latest News
Charles Hoskinson forecasts Altcoin season showdown: ADA vs. DOGE
Cardano (ADA) Faces Dual Meme Coin Competition where ...
Top 5 AI cryptocurrencies ready to thrive during the next bull market
New crypto ventures merge the groundbreaking capabilities of ...
Top Crypto Exchange Sites
Crypto Exchange Guide
  • Crypto Exchanges
  • Betting Exchange
Top Brands
Top Bonuses
Stake.us
Stake.us
Stake.us Review
4.6/5
McLuck
McLuck
McLuck Review
4.6/5
High5Casino
High5Casino
High5Casino Review
4.5/5
Sweeptastic
Sweeptastic
Sweeptastic Review
4.5/5
Wow Vegas
Wow Vegas
Wow Vegas Review
4.5/5
Stake.us
Stake.us Bonus
$55 Stake Cash + 260K Gold Coins + 5% Rakeback
T&Cs apply
4.6/5
McLuck
McLuck Bonus
27.5 SC FREE and 57,5K Gold Coins
T&Cs apply
4.6/5
High5Casino
High5Casino Bonus
5 Sweeps Coins + 250 Game Coins + 600 Diamonds
T&Cs apply
4.5/5
Sweeptastic
Sweeptastic Bonus
44 SC FREE and 70K Lucky Coins
T&Cs apply
4.5/5
Wow Vegas
Wow Vegas Bonus
35 SC FREE and 1.75M WOW Coins
T&Cs apply
4.5/5

Players must be 21 years of age or older or reach the minimum age for gambling in their respective state and located in jurisdictions where online gambling is legal. Please play responsibly. Bet with your head, not over it. If you or someone you know has a gambling problem, and wants help, call or visit: (a) the Council on Compulsive Gambling of New Jersey at 1-800-Gambler or www.800gambler.org; or (b) Gamblers Anonymous at 855-2-CALL-GA or www.gamblersanonymous.org.

Trading financial products carries a high risk to your capital, especially trading leverage products such as CFDs. CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. Between 74-89% of retail investor accounts lose money when trading CFDs. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.

This site is using Cloudflare and adheres to the Google Safe Browsing Program. We adapted Google's Privacy Guidelines to keep your data safe at all times.

21+NCPGGamblers AnonymousCloudflareSSLcoยฒ neutral
×
Your Bonus Code:
The bonus offer of was already opened in an additional window. If not, you can open it also by clicking the following link:
Visit Site