NewsletterBreaking: Tornado Cash Suffers Governance Attack, TORN Price Tumbles 50%
Crypto mixer Tornado Cash suffers a governance attack on Sunday. Attackers took full control of Tornado Cash by granting themselves 1.2 million votes through a malicious proposal, which exceeds 700,000 legitimate votes.
Attackers are withdrawing TORN from the Tornado Cash governance vault, selling and swapping TORN for Ethereum (ETH). TORN price fell 35% to a low of $3.7 in 24hrs.
Crypto exchanges such as Binance on May 21 suspended TORN deposits as a precautionary measure. However, some exchanges have announced continuing deposits and withdrawals.
Please be informed that deposits and withdrawals of $TORN @tornado_cash remain active on @HuobiGlobal and @Poloniex. We're closely monitoring the situation and may adjust our policy as required to ensure secure. We appreciate your understanding and support.
— H.E. Justin Sun 孙宇晨 (@justinsuntron) May 21, 2023
Here’s How Tornado Cash Was Attacked
Tornado Cash team was looking to make a fresh start after US sanctions, Alex Pertsev’s arrest, and other issues. A malicious nullification proposal was posted a few days ago and the team noted a possible exploit attempt at the governance level but didn’t take any action as no TORN was moved. The team was also looking at contracts being deployed after the proposal was passed successfully.
“We didn’t notice it because we were looking at the contracts being deployed (as seen in the analysis) but deemed it safe even though we completely missed that the selfdestruct call could be used with create2 for arbitrary code execution (for governance memory).”
Tornado Cash asked everyone to withdraw their funds locked in governance as they look into the issue and proposed to revert changes by attackers.
Samczsun, a researcher at Paradigm, revealed that Tornado Cash governance effectively failed on May 20 at 07:25:11 UTC. The attacker gained full governance control of Tornado Cash to withdraw all locked votes, drain TORN tokens in the governance vault, and brick the router, by adding an extra function in the malicious proposal that mimicked the recently passed proposal.
Hackers executed “self-destruct” call with create2 to replace the contract and then execute the balance additions. Initially, 10,000 votes as TORN was withdrawn from the governance vault and sold all.
Moreover, attackers can also drain all ETH in pools by upgrading the contract as Tornado Cash Nova deployed to Gnosis Chain is a proxy.
Until now, Tornado Cash governance exploiter has deposited 6K TORN to Bitrue, swapped 380K TORN for ETH, and transferred 372 ETH into Tornado Cash. The attackers still have some TORN.
Also Read: Ledger Co-Founder Flag Security Risk In Open Source, Refutes Charles Hoskinson
TORN Price Fell 50%
TORN price fell over 50% in the last 24 hours as attackers withdraw tokens and sold them to exchanges and on-chain. Tornado Cash is really in trouble as the governance funds are compromised and other impacts remains uncertain.
The Tornado Cash price is currently trading at $4.52, with a 24-hour low and a high of $3.73 and $7.30, respectively.
Also Read: Is Bitcoin Price Really In Bull Market? Glassnode Data Suggest Otherwise
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more… to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
Premium Partners
Delivered every day.
- Insights that move markets
- 100,000 active subscribers
Related Articles
- December Recovery Ahead? Coinbase Outlines Why Crypto Market May Rebound
- Peter Brandt Hints at Further Downside for Bitcoin After Brief Rebound
- $1.3T BPCE To Roll Out Bitcoin, Ethereum and Solana Trading For Clients
- Why is the LUNC Price Up 70% Despite the Crypto Market’s Decline?
- CoinShares Fires Back at Arthur Hayes, Dismisses Fears Over Tether Solvency
- Ethereum Price Holds $3,000 as Bitmine Scoops Up $199M in ETH; What Next?
- Solana Price Outlook Strengthens as Spot ETFs See $15.68M in Fresh Inflows
- Dogecoin Price Gears Up for a $0.20 Breakout as Inverse H&S Takes Shape
- Bitcoin Price Forecast as BlackRock Sends $125M in BTC to Coinbase — Is a Crash Inevitable?
- XRP Price Prediction As Spot ETF Inflows Near $1 Billion: What’s Next?
- Solana Price Outlook: Reversal at Key Support Could Lead to $150 Target
