- Tornado Cash’s governance structure was taken over by a hacker who exploited a malicious governance proposal and stole over $1 million.
- The future development of Tornado Cash is uncertain, and although the hacker’s proposal was passed, it is unclear whether they will return any stolen tokens.
A previous proposal submitted by the Tornado Cash attackers to remove the malicious code has been passed, allowing community members to regain control. The hackers stole about $1.5 million in the week they held control. It remains unclear why the hackers returned governance privileges.
In recent news, an anonymous hacker took control of the governance structure behind the Tornado Cash protocol, an OFAC-sanctioned mixer that obscures crypto transactions. The hacker exploited a malicious governance proposal, creating over 1 million fake votes and taking over the governance system.
Although the hack did not immediately damage the protocol, the hacker still controls many of the DAO’s funds. Ronghui Gu, the co-founder of CertiK, a blockchain security and auditing firm, warns that Tornado Cash could fall into disrepair and see no further development.
This type of hack is becoming increasingly common, and Gu suggests that DAOs should have third-party audits of their code to prevent hostile takeovers. However, auditing every proposal slows down voting and implementation, making it expensive.
The hacker’s proposal to put everything back the way it was passed, suspiciously, with an overwhelming majority on Friday, according to Fortune, and now any member of the DAO can implement it within the next two days, returning control to the community and reverting most changes. Nevertheless, over $1 million was plundered from the governance system during the hacker’s week in control. The hacker already drained a significant portion of the DAO’s funds, so it is unclear whether they care about the actual governance system or will return any stolen tokens.
Interestingly, the exploiter’s bid to give back control is rare but not unheard of. In the past, hackers have been convinced to give back a significant portion of stolen funds if they can keep a cut. In March, a hacker returned more than $1 million to Tender.fi and kept a $97,000 bounty. In another case earlier this year, a team of law enforcement figures and lawyers pressured a Russian hacker to return $200 million to Euler Finance.
After plummeting 50% to $3.60 following the hack, TORN has rebounded a bit and was trading at $4.1 at the time of writing, according to CoinMarketCap. However, the token is still down almost 3% over the past 24 hours as investors weigh the governance system’s uncertain future.