Tornado Cash Attacker Gives New Proposal To Undo Attack

Key Points:

• A request made by a wallet address related to a recent assault on the governance state of the decentralized autonomous organization (DAO) seeks to undo the harmful alterations.
• Although not everyone believes the hacker can be trusted, they seem to have little option.
• The attacker has unlimited control and can do anything they want.

An attacker who caused widespread fear by taking over the Tornado Cash governance is now seeking to reverse their compromise.

According to samczsun’s tweet, the attacker claimed to have utilized the same reasoning as a previous proposal in producing their malicious proposal, without revealing that they included an additional function.

On May 21, the attacker gained entire control over Tornado Cash’s governance due to the adoption of a fraudulent proposal. Having complete control over the governance of the decentralized crypto mixer, the attacker might inflict significant damages by withdrawing all of the locked votes, draining all of the tokens in the governance contract, and bricking the router.

Nevertheless, according to a post on the mixer’s community forum, the attacker submitted a fresh plan to restore the condition of governance.

Throughout the course of the narrative, community member Tornadosaurus-Hex, also known as Mr. Tornadosaurus Hex, took proactive efforts to mitigate the possible harm by releasing a later proposal urging all members to withdraw any monies locked in governance, as seen below.

“The attacker posted a new proposal to restore the state of governance,” stated user Tornadosaurus-Hex on the Tornado Cash community forum.

Tornadosaurus-Hex said that the attacker is resetting their TORN tokens to zero.

The exploiter immediately developed the emergencyStop function and changed the proposal logic after Tornado Cash voters approved the proposal, granting themselves 1.2 million bogus votes. With over 700,000 legal votes, the attacker has taken complete control of the crypto mixer’s governance.

The attacker has total power and may do anything they want, such as withdrawing all locked votes, draining all tokens in the governance contract, and bricking the router. They cannot, however, drain individual pools.

Several community members have cautioned that restoring the project’s default governance may not be beneficial. 0xdeadf4ce speculated on Twitter that the idea may be an effort to further influence the price of Tornado Cash’s TORN coin.

A recovery might enable the attacker to profit from the fact that his first strike caused the value of TORN to plummet dramatically. As of May 21, the price has only partly rebounded to $4.03, and even a slight recovery might increase the value of any stolen crypto.

If the recovery plan isn’t a ploy to boost costs, it may be a prank or an “expensive but not disastrous” lesson. 0xdeadf4ce came to an end. He noted that the conclusion of the recovery proposal would not be known until May 26.

Hex went on to say that although the community has no choice to comply with the attacker’s preferred way of regaining governance control, his due diligence in terms of confirming storage layouts checks out.

It should be noted that Tornado Cash is still operational, despite the fact that the US Treasury sanctioned the project in August 2022. The platform is a cryptocurrency-only decentralized coin mixer. The US government seems to be either unable to actively implement sanctions on Tornado Cash because to its lack of organized operations or disinterested in doing so.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News