Cryptocurrency transaction mixing service Tornado Cash has experienced a forceful takeover of its governance system, orchestrated by hackers via a malevolent proposal. The breach saw an attacker surpass the tally of legitimate votes, granting them control over the protocol’s governance system.
The attack was conducted over the weekend, and led to an attacker having 1.2 million counterfeit votes to control its governance system. As the fake vote exceeded the 700,000 legitimate votes, the attacker was able to gain full control of Tornado Cash’s governance.
The Tornado Cash protocol is governed by holders of its native governance token TORN, which allows them to vote for changes in the protocol. Samczsum, a security researcher at crypto investment firm Paradigm, noted that with the votes the attackers have they can “do whatever they want.” Their first move was to withdraw 10,000 votes as TORN and sell them all.
Following news of this exploit, leading cryptocurrency exchange Binance, announced a temporary suspension of TORN deposits. The attacker has since submitted a proposal to undo the attack.
The US Treasury Department sanctioned Tornado Cash in August, accusing the service of helping North Korean hackers hide their illicit profits. The service was used by the Lazarus Group, a North Korean cyberattack group, to launder around $450 million, according to the officials.
- SEO Powered Content & PR Distribution. Get Amplified Today.
- PlatoAiStream. Web3 Data Intelligence. Knowledge Amplified. Access Here.
- Minting the Future w Adryenn Ashley. Access Here.
- Buy and Sell Shares in PRE-IPO Companies with PREIPO®. Access Here.
- Source: https://www.cryptocompare.com/email-updates/daily/2023/may/22/
- :has
- :is
- 000
- 1
- 10
- 2023
- 22
- a
- Able
- According
- All
- allows
- an
- and
- announced
- around
- AS
- At
- attack
- AUGUST
- binance
- breach
- by
- CAN
- Cash
- Changes
- COM
- conducted
- control
- Counterfeit
- crypto
- Crypto Investment
- crypto roundup
- CryptoCompare
- cryptocurrency
- Cryptocurrency Exchange
- Cyberattack
- Department
- deposits
- exceeded
- exchange
- experienced
- Exploit
- fake
- Firm
- First
- For
- full
- Gain
- governance
- governed
- granting
- Group
- hackers
- Have
- having
- helping
- Hide
- holders
- HTTPS
- illicit
- in
- investment
- ITS
- Korean
- Lazarus
- Lazarus Group
- leading
- Led
- legitimate
- May..
- million
- Mixing
- move
- native
- news
- North
- north korean hackers
- noted
- of
- officials
- orchestrated
- over
- paradigm
- plato
- Plato Data Intelligence
- PlatoData
- profits
- proposal
- protocol
- protocols
- researcher
- roundup
- Sanctioned
- sanctioned Tornado Cash
- security
- sell
- service
- since
- submitted
- surpass
- suspension
- system
- takeover
- Tally
- temporary
- that
- The
- their
- Them
- they
- this
- to
- token
- torn
- tornado
- Tornado Cash
- transaction
- treasury
- Treasury Department
- us
- US Treasury
- Us Treasury Department
- used
- via
- Vote
- votes
- want
- was
- weekend
- whatever
- which
- with
- withdraw
- zephyrnet