The DAO handling operations, funds and future plans of privacy-focused crypto mixer Tornado Cash was effectively taken over by an unidentified attacker, or group of attackers, on Saturday.
DAOs, short for decentralized autonomous organizations, allow token holders to lock up their holdings as votes for proposing changes to a project. These changes can range from deploying treasury funds to purposes that benefit the project to expansion on other networks.
At the start of the weekend, the attacker floated a malicious proposal that hid a code function that granted them fake votes that can now be used to handle some aspects of Tornado Cash, such as torn (TORN) tokens held in the main governance contract or withdrawal of locked torn tokens.
This was done by putting forth a proposal that imitated an earlier version – except with some malicious code that allowed for the update of logic that gave the attacker access to all governance votes.
“Now that they have all the votes, they can do whatever they want,” security research @samczsun tweeted on Sunday. “In this case, they simply withdrew 10,000 votes as TORN and sold it all.”
As such, this attack does not impact the actual Tornado Cash protocol – which allows users to pass funds through the service to mask or obscure the movements of funds and crypto addresses. This attack was not an exploit of any smart contracts or technology related to the working of Tornado Cash.
Others suggested making a new contract altogether and airdropping new tokens to holders.
Torn prices slumped as much as 40% in the past 24 hours as a result of the governance attack, data shows.
CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk offers all employees above a certain salary threshold, including journalists, stock options in the Bullish group as part of their compensation.