In crypto, proposals help communities to make decisions based on consensus. But sometimes, proposals can be malicious. According to Cointelegraph, the music platform Audius passed on a malicious governance proposal, which resulted in a the transfer of tokens worth $6.1 million. From this proposal, the hacker made $1 million. This proposal, requesting the transfer of 18 million tokens, was approved by community voting on Sunday.
Audius co-founder and CEO Roneil Rumburg stated:
“This was an exploit – not a proposal proposed or passed through any legitimate means – it just happened to use the governance system as the entry point for the attack.”
The attacker created the malicious proposal where he was able to make use of the initialize function and set himself as the sole guardian of the governance contract, thus leading to Audius being hacked. According to blockchain investigator Peckshield, the issue of Audius lies in inconsistent storage layout between its proxy and implementation.
In the boom of crypto and NFTs, it is expected that these attacks like Audius being hacked will rise. The creator of Bored Ape Yacht Club NFT Yuga Labs tweeted about a potential hacker attack targeting the NFT community, encouraging people to stay safe and be aware where possible. This is sadly not the first hack, and certainly won’t be the last.
Source: @weraveyou, @audius
Written by: Artificial Intelligence Technology