Adding to the existing roadblocks of the decentralized crypto mixer Tornado Cash, an attacker managed to gain full control of the governance through a malicious proposal.

On May 20 at 3:25 ET, an attacker successfully granted 1.2 million votes to a malicious proposal. Given that the proposal received more than 700,000 legitimate votes, the attacker gained total control over Tornado Cash governance.

On 2023/05/20 at 07:25:11 UTC, Tornado Cash governance effectively ceased to exist. Through a malicious proposal, an attacker granted themselves 1,200,000 votes. As this is more than the ~700,000 legitimate votes, they now have full control.https://t.co/nY87XmrYgT pic.twitter.com/h9qjc3xRqz

As explained by @samczsun:

“Once the proposal was passed by voters, the attacker simply used the emergencyStop function to update the proposal logic to grant themselves the fake votes.”

As shown above, they also attempted deploying a contract that could potentially revert the changes while still suggesting the community to withdraw their funds. Cointelegraph also came across a distress call from one of Tornado Cash’s community developer who confirmed the above developments, stating:

Related: Allbridge offers bounty to exploiter who stole $573K in flash loan attack

A former Tornado Cash developer is reportedly working on building a new crypto mixing service from scratch, which addresses the “critical flaw” existing in Tornado Cash.

1/ We fixed @tornadocash

Attacker hijacks Tornado Cash governance via malicious proposal

Related News

7 presidential candidates have dropped clues about their crypto stance

Tornado Cash governance control set to be restored as token votes approve proposal

Stargate community proposes removal of Fantom USDC pool to mitigate risks

MakerDAO proposal seeks to hike DAI savings rate to 3.33%

ecoterra Presale Adds Coca Cola, Carlsberg, Evian to Sustainable Cryptocurrency Ecosystem - $4.35 Million Raised So Far

US Sen. Lummis Says President Biden Is Picking ‘Winners and Losers’ With Proposed Crypto Mining Tax

French lawmakers agree to loosen rules in proposed crypto influencer bill

DeSantis looks like the choice for crypto enthusiasts in 2024

WEF publishes crypto asset regulation recommendations for government, industry

OpenAI launches grant for AI democratic governance project

Cyber Attackers Seize Control of Sanctioned Crypto Mixer Tornado Cash

Financial surveillance, privacy and CBDCs: Why are governments going cashless?

Is Shiba Inu Still a Viable Investment? SHIB Price Declines While SPONGE Shows Strong Rally - Is There 100x Potential in 2023?

IMF optimism in Central African Republic, despite Bitcoin adoption

Crypto should mimic TradFi rules: Global securities regulator IOSCO

Russian lawmakers propose amendments to digital ruble bill

XRP Price Prediction as Ripple CEO Announces Plan to Utilize $1 Billion Cash Reserves for Company Expansion

TORN Price gets Lift After Tornado Cash Attacker Proposes to Reverse Governance Attack

Lido Proposes to Staking the Lido Protocol Token to Boost Utility and Sustainability

Tornado Cash attacker to potentially giveback governance control, proposal reveals

Top Crypto Gainers & Losers Today - Tornado Cash Crash, Pepe Price Bounces