Coindesk Logo

Tornado Cash Reportedly Suffers Backend Exploit, User Deposits at Risk

Tornado Cash Reportedly Suffers Backend Exploit, User Deposits at Risk

Tornado Cash Reportedly Suffers Backend Exploit, User Deposits at Risk

The exploit has the function to steal deposit data and deposited funds.

The exploit has the function to steal deposit data and deposited funds.

The exploit has the function to steal deposit data and deposited funds.

AccessTimeIconFeb 26, 2024, 3:08 PM
Updated Mar 8, 2024, 10:10 PM
Tornado Cash hit by backend exploit (Nikolas Noonan/Unsplash)
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now
  • Tornado Cash deposits and deposit data is reportedly at risk.
  • A proposal has been made to revert back to a previous version of the protocol's IPFS deployment.

User deposits on token mixer Tornado Cash are reportedly at risk following the insertion of malicious code in the protocol's back end, according to a Medium post by community member Gas404.

The post explains that a malicious javascript code was hidden from a two-month-old governance proposal submitted by an alleged Tornado Cash developer on Jan. 1. The code redirects deposit data to a public server hosted by the alleged developer.

The function of the exploit is to leak Tornado Cash deposit data and there is also a function to steal a deposit itself. According to Gas404, one deposit was stolen out of this batch seen on etherscan.

Tornado Cash trading volume nosedived by more than 90% after the U.S. Treasury Department’s Office of Foreign Asset Control (OFAC) sanctioned Tornado Cash in August 2022.

Gas404 has proposed that Tornado Cash should revert to a previous IPFS ContextHash deployment used in a previous version of TornadoCash.

Edited by Stephen Alpher.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Oliver Knight is a CoinDesk reporter based between London and Lisbon. He does not own any crypto.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.