Hacker drained $1M from Audius after a malicious proposal requesting the 18 million tokens worth $6.1 million was approved in an exploit so let’s read more today in our latest cryptocurrency news.

The proposals in crypto communities make consensus-based decisions but the decentralized platform Audius had a passing of a malicious governance protocol that resulted in the transfer of tokens worth $6.1 million and the hacker drained $1M from Audius as well. The malicious proposal requesting the transfer of the tokens was approved by community voting. The attacker created the proposal wherein they were able to call initialize and set himself as the sole guardian of the government contract. The co-founder and CEO Roneil Rumbug clarified that the community didn’t pass the proposal:

“This was an exploit – not a proposal proposed or passed through any legitimate means – it just happened to use the governance system as the entry point for the attack.”

Hello everyone – our team is aware of reports of an unauthorized transfer of AUDIO tokens from the community treasury. We are actively investigating and will report back as soon as we know more.

If you’d like to help our response team, please reach out.

— Audius 🎧 (@AudiusProject) July 24, 2022

Further investigation from the platform confirmed the unauthorized transfers of the AUDIO tokens from the company’s treasury. After the revelation, Audius halted all smart contracts and tokens on the Ethereum blockchain to avoid further losses. The company resumed the token transfers after and added that the remaining smart contract functionality is being unpaused after the examination of the vulnerability. While the hacker’s governance proposal drained out 18 million tokens worth $6 million from the treasury and was then dumped and sold for $1.08 million.

The issue of @AudiusProject lies in inconsistent storage layout between its proxy and impl. In particular, the collision of Audius Community Treasury contract results in an equivalence of disabling the initializer modifier. The proxyAdmin addr (0x..abac) plays a role here. pic.twitter.com/x4CqRncahp

— PeckShield Inc. (@peckshield) July 24, 2022

While the dumping resulted in the maximum slippage, investors recommended a buyback to prevent existing investors from dumping and losing the floor price of the token. Investors still need to clarify what exactly happened with the stolen funds and whether the team’s funds are separate. Rumburg confirmed that the root cause of the exploit was mitigated and was not able to be exploited. Given the community treasury is kept separate from the foundation treasury, the rest of the funds are safe from exploits.

Our security team has been tracking a persistent threat group that targets the NFT community. We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe.

— Yuga Labs (@yugalabs) July 18, 2022

Bored Ape YAcht Club creator Yuga Labs issued the second warning about the expected coordinated attack and in June we saw one of the founders issuing a warning of a possible incoming attack on Twitter. After the warning, Twitter officials monitored the accounts and then fortified the existing security.