Cryptocurrency trading mixer Tornado Cash suffered an administrative attack on Sunday. The attackers took full control of Tornado Cash by giving themselves 1.2 million votes via a malicious proposal, which exceeded 700,000 legitimate votes.
The attackers pulled TORN from the Tornado Cash management vault. They sold TORN for .ether (ETH). TORN price fell 35% to a 24-hour low of $3.7.
Cryptocurrency exchanges such as Binance on May 21 suspended TORN deposits as a precautionary measure. However, some trading platforms have announced that deposits and withdrawals are still taking place.
Here's How to Attack Tornado Cash The Tornado Cash team was looking to make a fresh start following US sanctions, the arrest of Alex Bertsev, and other cases. A malicious revocation proposal was posted a few days ago and the team noticed a possible exploit at the governance level but took no action because TORN had not moved. The team was also looking at contracts being published after the proposal was successfully passed.
We didn't notice this because we were looking at contracts being propagated (as we saw in the analysis) but we considered them safe even though we completely lost the ability to use the self-destruct call with create2 to execute arbitrary code (for memory governance). ”
Tornado Cash asked everyone to withdraw their funds restricted to governance while they looked into the issue and suggested that the changes be rolled back by the attackers.
revealed Samczsun, researcher at Paradigm. Tornado Cash management effectively failed on May 20 at 07:25:11 UTC. The attacker gained complete control over the Tornado Cash management to withdraw all locked votes. and draining TORN tokens into the management liquidity pool. And install the router, by adding an add-on in the malicious suggestion that mimics the recently passed one.
The hackers executed a self-destruct call using create2 to replace the nodes and then perform balance additions. Initially, 10,000 votes like TORN were pulled from the governance vault and sold off.
Moreover, attackers can also drain all ETH into pools by upgrading nodes as TornadoCash Nova is deployed in the Gnosis Chain as a proxy.
So far, a Tornado Cash management miner has deposited 6K TORN to Bitrue. Exchange 380K TORN for ETH, and convert 372 ETH into Tornado Cash. The attackers still have some TORN.
TORN price fell by 50% TORN price fell by more than 50% in the last 24 hours as attackers siphoned off tokens and sold them to the platforms. Tornado Cash is really in trouble because governance funds are at risk and other impacts remain uncertain.
Tornado Cash price is currently trading at $4.52. With a 24-hour low and a high of $3.73 and $7.30, respectively.