Share this article
Tornado Cash Reportedly Suffers Backend Exploit, User Deposits at Risk
The exploit has the function to steal deposit data and deposited funds.
Updated Mar 8, 2024, 10:10 p.m. Published Feb 26, 2024, 3:08 p.m. 1 min read
- Tornado Cash deposits and deposit data is reportedly at risk.
- A proposal has been made to revert back to a previous version of the protocol's IPFS deployment.
User deposits on token mixer Tornado Cash are reportedly at risk following the insertion of malicious code in the protocol's back end, according to a Medium post by community member Gas404.
The post explains that a malicious javascript code was hidden from a two-month-old governance proposal submitted by an alleged Tornado Cash developer on Jan. 1. The code redirects deposit data to a public server hosted by the alleged developer.
The function of the exploit is to leak Tornado Cash deposit data and there is also a function to steal a deposit itself. According to Gas404, one deposit was stolen out of this batch seen on etherscan.
Tornado Cash trading volume nosedived by more than 90% after the U.S. Treasury Department’s Office of Foreign Asset Control (OFAC) sanctioned Tornado Cash in August 2022.
Gas404 has proposed that Tornado Cash should revert to a previous IPFS ContextHash deployment used in a previous version of TornadoCash.
Sizin için daha fazlası
FalconX has hired Cantor and other bankers to advise on a potential IPO and confidentially filed draft paperwork with the SEC, though the listing is not expected until later this year amid volatile market conditions.
Bilinmesi gerekenler:
- FalconX has confidentially filed a draft S-1 with the SEC and hired Cantor to advise on a potential IPO, according to a source.
- The crypto prime broker, last valued at $8 billion in 2022, serves institutional clients including hedge funds, asset managers and market makers.
- Cooling investor sentiment, weaker trading...
Top Stories
