A cryptocurrency hacker was able to drain over $1 million in funds from Audius, a decentralized music platform. This comes after passing a malicious proposal that ended up with a transfer of almost $6 million, of which $1 million has been stolen by the hacker. The information was released a few hours ago by the Audius Project on Twitter.
Hacker Steals $1 Million from Audius
The cryptocurrency industry is plagued with hacks and attacks to growing projects. This time, the hacker passed a malicious proposal in which it requested 18 million AUDIO tokens to be transferred. The community approved the proposal in which the hacker was the guardian of the governance contract. Therefore, he was able to get $1 million worth of these tokens.
Hello everyone – our team is aware of reports of an unauthorized transfer of AUDIO tokens from the community treasury. We are actively investigating and will report back as soon as we know more.
If you'd like to help our response team, please reach out.
— Audius 🎧 (@audius) July 24, 2022
According to PeckShield Inc. a blockchain security and data analytics company, the issue of Audius Project lies in the fact that there was an inconsistent storage layout between its proxy and impl. This resulted in the collision of the Audius Community Treasury contract.
In order for the attacker to get the funds, he sold the tokens in the market and got $1.08 million. This happened because he created a massive slippage. In order to stop the bleeding, some investors suggested that it was a good idea to purchase more tokens and avoid the price from falling even further.
At the moment, there is no further information on what happened or how the protocol is expected to improve its security in the future. Social media networks are going to play a very important role in order to understanding what happened and what can be improved so the same issue does not happen in the future.
Let’s not forget that the cryptocurrency market is constantly a target of attacks. There have been hundreds if not thousands of projects targeted over the last years by hackers. In many cases, attackers drained millions of dollars in stolen funds, and in some other cases, they were stopped before.
While centralised cryptocurrency exchanges are usually some of the most common targets for hackers, with the expansion of different decentralized protocols, the community believed that it was going to be difficult for hackers to get users’ funds. However, most of these protocols seem to be full of vulnerabilities that experienced hackers knew how to exploit.
The attack over the Audius Protocol is just one of the most recent attempts by hackers to steal users’ funds. However, we should expect similar things to happen in the future. For example, Yuga Labs, the creator and issuer of the famous Bored Ape Yacht Club NFT collection, informed that their security teams have been tracking threat groups that target the NFT community. Additionally, they mentioned that there could soon be a coordinated attack on different communities using social media accounts.
As we can see, there are many different attack vectors linked to the cryptocurrency community, and these are just some of them. In the future, we should expect other types of issues that could affect the whole crypto ecosystem.