Erik Weijers, 7 days ago

Hacker of Tornado Cash proposes to undo attack

On Saturday, Tornado Cash's DAO was taken over by an attacker, or group of attackers. It's another backlash for the plagued coin mixer which makes privacy for Ethereum holders possible. In an interesting turn of events, a day later the attacker proposed to undo his attack. Never a boring day in crypto! 

It is a bit of a lame wordplay to say that Tornado Cash has been in the eye of the storm for a while. The attack came just when the dust had almost settled. Nine months ago, the US Government sanctioned the protocol - the first time a protocol was put on the sanctions list. US citizens could no longer use the coin mixer. 

Developer pending trial

At the time of this sanctioning, Russian Alexey Pertsev, one of the developers of Tornado Cash, was arrested in Amsterdam. He was suspected of 'involvement in concealing criminal financial flows and facilitating money laundering'. 

Only in April 2023 he was released but, pending his trial, required to stay at home, with electronic monitoring devices guarding him. A lot of people in the crypto community are worried that his arrest has no solid ground and is used as a scare tactic to discourage developers to work on privacy tools. 

The community fought back a month later. Users of Ethereum and Tornado Cash filed a lawsuit against the U.S. Treasury Department. They claim that putting Tornado Cash on the sanctions list is unconstitutional and that there are numerous legitimate ways to use this coin mixer: it's simply a privacy tool.

The Attack     

Tornado Cash's DAO (Decentralized Autonomous Organization) handles operations, funds and future plans. Any DAO allows token holders to lock up their holdings as votes for proposing changes to a project. These changes can range from deploying treasury funds to purposes that benefit the project to expansion on other networks. 

The attacker's malicious proposal contained a hidden code function that granted him/her/them fake votes. These could then be used to handle some aspects of Tornado Cash, such as withdrawal of locked torn tokens (TORN) held in the main governance contract. 

The attack undone

Naturally the TORN token, already beaten down from last year's government attacks, suffered even more. But then came another turn in the story. The attacker submitted a proposal to undo the attack and give governance back. This is less uncommon than it might seem. Hackers of crypto protocols often offer to return funds. Sometimes in exchange for a bounty. Sometimes for nothing - as their action was just meant to demonstrate a weakness. One member of the TORN community thinks this might all have been a 'gigatroll' to crash the price so the attacker could buy cheaper coins. This may not be the most likely explanation. After all, why would one buy coins of a protocol that had just been exposed as vulnerable?

Featured articles
Four trading strategies for crypto
Bitcoin and Ethereum: what are the differences?
What determines the Bitcoin price?
Related articles
Ripple scores another success against the SEC

May 17, 2023

Ripple has been fighting against the SEC in court since December 2020. Some analysts believe that the case could conclude this year, while others argue that each party could try to appeal the court’s decision. Whether the subject is finally settled, all believe the first verdict will provide essential guidance in the US judicial system. Should the SEC lose, then many other crypto projects could be strengthened. Winning the case could mean the SEC could go after many other cryptos.

Trade anytime, anywhere

Boost your trading impact and reaction time in over 80+ cryptocurrencies via instant access to your portfolio with the LiteBit app.

App Store
Google Play Store
  • 2525 Ventures B.V.
  • 3014 DA Rotterdam
  • The Netherlands
More info
  • About LiteBit
  • Support
  • Sell
  • News
  • Education
Subscribe for updates

Sign up to stay informed via our email updates

Explore popular coins
© 2023 LiteBit - All rights reserved