According to Tornadosaurus-Hex, hackers who have gained access to the system may already have begun the process of nullifying fraudulent votes. Tornadosaurus-Hex acknowledged that in this situation, the Tornado Cash community is almost powerless, as hackers seized control of the project as a result of a previous attack. It is noted that the new offer to upgrade the cryptocurrency mixer does not provide any security guarantees.
On May 20, attackers appropriated 1.2 million votes by injecting a malicious application. It activates the EmergencyStop function, which changes the logic of the management contract. By gaining full control over the protocol, a hacker can revoke all blocked votes, withdraw tokens from the control contract, and block the router. The attackers have already withdrawn 10,000 votes as TORN tokens and liquidated them.
In August 2022, the US Treasury Department placed Tornado Cash on a sanctions list, saying that the service was used by North Korean hackers to launder illegally received funds.
In April, it became known that Alexey Pertsev, the developer of the cryptomixer, could be placed under house arrest pending the completion of the investigation.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
