Another Wild Story About Tornado Cash
TL;DR
- On May 18, the Tornado Cash DAO accidentally voted in a malicious proposal.
- In short, the attacker submitted a proposal which was approved to be voted on, after which the sneaky attacker activated a ‘self-destruct function’ which replaced the original proposal with a new, malicious one, giving them full control of the votes.
- Then yesterday, the attacker made a new proposal to potentially “restore the state of Governance.”
- Did the attacker want to shine light on the project and pump up the price of TORN? Or were they providing a wake-up call for DAOs to do more in-depth audits of the proposals sent to them?
Full Story
Late last week, some crazy things happened with the Tornado Cash project.
Tornado Cash is famous for things like being banned by the US Government.
Suffice to say it's controversial at the best of times (it's a ‘mixing service’ on the Ethereum network which basically makes your crypto untraceable) but buckle up 'cause this story is wild.
On May 18, the Tornado Cash DAO accidentally voted in a malicious proposal.
This guy explains it way better; but in short, the attacker submitted a proposal which was approved to be voted on, after which the sneaky attacker activated a ‘self-destruct function’ which replaced the original proposal with a new, malicious one, giving them full control of the votes.
They were then able to grant themselves 1.2M TORN (which are Tornado Cash DAO’s governance tokens) from the governance contract.
They swapped 380,000 TORN tokens for 372 ETH and – get this – ran it back through Tornado Cash to make it untraceable!
By keeping the other 820k TORN tokens, they still have full control over the DAO – it's a hostile takeover if we've ever seen one.
Then yesterday, the attacker made a new proposal to potentially “restore the state of Governance.”
Which led some people to believe this has all been a ploy to put the token in the spotlight, boosting its value.
At the time of this writing, TORN is down over 30% so if that was the case, it's definitely not working too well…
The more likely scenario is that the attacker wanted to provide a wake-up call for DAOs to do more in-depth audits of the proposals sent to them.
(And maybe not allow proposals with a ‘self-destruct function’ built into them?)
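What that kind of proposal audit could look like in practice, as an added example (not code from Tornado Cash or from the original story): a reviewer-side check that flags a proposal contract whose bytecode contains the SELFDESTRUCT opcode, and that notices when the code at the proposal address is no longer the code voters approved. The sample bytecode strings and function names are constructed for illustration, and SHA-256 stands in for the on-chain code hash (keccak-256).

```python
import hashlib

SELFDESTRUCT = 0xFF            # EVM opcode value
PUSH1, PUSH32 = 0x60, 0x7F     # PUSHn opcodes carry n bytes of immediate data

def find_selfdestruct(bytecode: bytes) -> list[int]:
    """Return offsets where 0xff is decoded as an opcode (linear sweep).

    Bytes that follow PUSH1..PUSH32 are data, so a 0xff there is skipped.
    Trailing non-code data can still produce hits, so treat every hit as
    a trigger for manual review rather than as proof.
    """
    hits, pc = [], 0
    while pc < len(bytecode):
        op = bytecode[pc]
        if op == SELFDESTRUCT:
            hits.append(pc)
        if PUSH1 <= op <= PUSH32:
            pc += op - PUSH1 + 1   # jump over the immediate bytes
        pc += 1
    return hits

def fingerprint(bytecode: bytes) -> str:
    # Assumption: SHA-256 used as a stand-in for the on-chain code hash.
    return hashlib.sha256(bytecode).hexdigest()

def review_proposal(code_at_approval: bytes, code_at_execution: bytes) -> list[str]:
    """Compare what voters saw with what would actually be executed."""
    findings = []
    offsets = find_selfdestruct(code_at_approval)
    if offsets:
        findings.append(f"SELFDESTRUCT opcode at offsets {offsets}")
    if fingerprint(code_at_approval) != fingerprint(code_at_execution):
        findings.append("code at proposal address changed since approval")
    return findings

# Constructed sample bytecode (not taken from any real contract):
BENIGN = bytes.fromhex("60ff60005500")        # PUSH1 0xff, PUSH1 0, SSTORE, STOP
DESTRUCTIBLE = bytes.fromhex("33ff")          # CALLER, SELFDESTRUCT
REPLACED = bytes.fromhex("600160005500")      # different logic, same address

if __name__ == "__main__":
    print(review_proposal(BENIGN, BENIGN))
    for finding in review_proposal(DESTRUCTIBLE, REPLACED):
        print("FLAG:", finding)
```

The first sample shows why the scan decodes opcodes instead of searching for the raw byte: the 0xff in BENIGN is PUSH1 data and is correctly ignored.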