ETH

Ad Placeholder

Sponsored Ad

Crypto Mixer Tornado Cash Under Attack: Exploiter Seizes Governance Control

chain

Absolute control over the governance enables the exploiter to withdraw all the locked votes, drain all of the tokens in the governance contract, and brick the router.

BSCN

May 21, 2023

Tornado Cash, the decentralized crypto mixer, is facing yet another challenge as an attacker has reportedly seized control of the protocol's governance through a malicious proposal. 

On May 20, at 7:25 UTC, an attacker successfully granted themselves 1,200,000 votes through a malicious proposal. With the proposal receiving more than 700,000 legitimate votes, the attacker gained full control. The news was shared by @samczsun of research-driven technology investment firm, Paradigm. 

@samczsun disclosed that the attacker introduced an additional function to the malicious proposal, employing the same logic as a previously approved proposal. 

“Once the proposal was passed by voters, the attacker simply used the emergencyStop function to update the proposal logic to grant themselves the fake votes”.

Complete control over the governance allows the exploiter to withdraw all of the locked votes, drain all of the tokens in the governance contract, and brick the router. This, however, does not allow them to drain individual pools. 

Tornado Cash has confirmed on its forum that all funds held within the governance are potentially compromised. As a precautionary measure, users have been advised to immediately withdraw any locked funds. Additionally, in the early hours of today, PeckShieldAlert revealed that the Tornado Cash Governance Exploiter has deposited 6000 to crypto exchange Bitrue, and swapped approximately 380,000 $TORN for $ETH, and further transferred 372 $ETH into Tornado Cash. 

The exploit serves as a reminder for crypto investors and protocols to thoroughly evaluate proposal descriptions and logic.

What is Tornado Cash:

Tornado Cash is a decentralized and non-custodial privacy solution that allows users to send and receive Ethereum (ETH) anonymously. The protocol uses zero-knowledge proofs and other cryptographic techniques to ensure that transactions are untraceable and unlinkable.

Where to find Tornado Cash:

Website | Twitter | Telegram

Latest News

April 21, 2025

Internet Computer & ICP: Building a Decentralized Internet

April 21, 2025

LayerEdge’s Proof of Humanity: What it Means for Users

April 21, 2025

Not Pixel’s $PX Token: Is a Major CEX Listing Set for 2025?

April 21, 2025

Pi Network Reveals Mainnet Migration Roadmap and Tokenomics for 2025

April 21, 2025

Pi Network Confirmed as Block Sponsor at Consensus 2025, Founder to Speak

April 21, 2025

Vietnam Prepares for State Backed Crypto Exchange With Bybit Support

April 21, 2025

How Does BabyDoge Puppy.fun Work?

April 21, 2025

Vitalik Buterin Proposes Radical Overhaul for Ethereum by Replacing EVM

Project & Token Reviews

Learn about the hottest projects & tokens

View AllRight

Latest Crypto News

Get up to date with the latest crypto news stories and events

View AllRight
PROMO

PBC88: A Leading Online Gaming Website in Bangladesh

April 21, 2025

Deepdive

Internet Computer & ICP: Building a Decentralized Internet

April 21, 2025

Research

LayerEdge’s Proof of Humanity: What it Means for Users

April 21, 2025

Research

Not Pixel’s $PX Token: Is a Major CEX Listing Set for 2025?

April 21, 2025

News

Pi Network Reveals Mainnet Migration Roadmap and Tokenomics for 2025

April 21, 2025

Join our newsletter

Sign up for the very best tutorials and the latest Web3 news.

Subscribe Here!
BSCN

BSCN

BSCN RSS Feed

BSCN (fka BSC News) is your go-to destination for all things crypto and blockchain. Discover the latest cryptocurrency news, market analysis and research, covering Bitcoin, Ethereum, altcoins, memecoins, and everything in between.

News

BitcoinEthereumSolanaBNBPI NetworkAltcoinsMemecoinsiGaming

About Us

Contact usAbout usPrivacy PolicyTerms of service

© 2025 BSCN. All rights reserved.