Hacker Drains $1.08 Million From Audius After Passing Malicious Proposal

Proposals in crypto help communities make consensus decisions. However, for decentralized music platform Auduis, the adoption of a malic...



Proposals in crypto help communities make consensus decisions. However, for decentralized music platform Auduis, the adoption of a malicious governance proposal resulted in the transfer of tokens worth $5.9 million, with the hacker taking home $1 million.

On July 24, a malicious proposal (Proposal #85) requesting the transfer of 18 million internal AUDIO tokens from Audius was approved by community vote. First reported on Crypto Twitter by @spreekaway, the attacker established the malicious proposal in which they were “able to call initialize() and set themselves as the sole custodian of the governance contract”.

Further investigation by Auduis confirmed the unauthorized transfer of AUDIO tokens from company cash. Following the revelation, Auduis proactively discontinued all Audius smart contracts and AUDIO tokens on the Ethereum blockchain.

Blockchain investigator Peckshield narrowed the blame to inconsistencies in Audius’ storage layout.

While the hacker’s governance proposal drained 18 million tokens worth almost $6 million from the treasury, it was quickly dumped and sold for $1.08 million. While the dumping resulted in maximum slippage, investors recommended an immediate buyout to prevent existing investors from dumping and lowering the floor price of the token further.

Investors have yet to get clarification on the stolen funds, as one investor asked, “They hacked into the community fund, right? The team fund is separate, right? »

While a post-mortem report is pending, Audius has yet to respond to Cointelegraph’s request for comment.

Related: Yuga Labs Warns of ‘Persistent Threat Group’ Targeting NFT Holders

Bored Ape Yacht Club (BAYC) creator Yuga Labs has issued its second warning of an expected “coordinated attack” on its social media accounts.

In June, Gordon Goner, pseudonymous co-founder of Yuga Labs, issued the first warning of a possible incoming attack on his Twitter social media accounts. Shortly after the warning, Twitter officials actively monitored the accounts and tightened their existing security.