The well-known crypto mixer Tornado Cash has fallen victim to a governance attack. By surreptitiously getting a proposal approved by the Tornado Cash community, the hacker now has all the votes. With that, the governance layer of the protocol is completely compromised.
Attacker gave himself 1.2 million votes
The way the hacker managed it is quite technical. It started, according to researcher samczsun from research company Paradigm all with a proposal submitted on May 20.
First, what does this mean for Tornado Cash?
Through governance control, the attacker can:
– withdraw all of the locked votes
– drain all of the tokens in the governance contract
– brick the routerHowever, the attacker still can’t:
– drain individual pools— @samczsun.com (@samczsun) May 20, 2023
That proposal seemed normal. However, there was also an additional function attached to it. Voters did not realize this and unsuspectingly voted for the proposal. Then the hacker activated the additional function, “emergencyStop”, after which he was able to assign himself 1.2 million fake votes.
It’s an extremely painful situation for the protocol. For example, the researcher states that the Tornado Cash governance structure “actually no longer exists.”
What does this mean for crypto mixer Tornado Cash?
Now that the attacker has so many votes in his hands, he can basically do whatever he wants. This will allow all pinned votes to be taken, all tokens in the governance contract, and completely destroy the router.
So far, the hacker has only recorded pinned votes in the form of TORN tokens. It would be 10,000 votes. Its value was around $6, bringing the theoretical value of what the hacker has taken so far to $60,000. However, it turns out new information that the damage has become much greater.
The value of TORN has since fallen sharply. The crypto is now worth $4.50 at the time of writing, down almost 30% from 24 hours ago.
The Tornado Cash community is currently working to resolve the situation. According to information obtained by Cointelegraph the situation unfortunately appears to be hopeless:
“There was an attack on protocol this morning that you already know about. All day another community developer and I have been thinking about what to do, but the situation is almost hopeless – currently the attacker is controlling Tornado Cash Governance.”