Tornado Cash Attacker Proposes Governance Reversal, TORN Token Value Drops by 40% in 48 Hours


Crypto mixer Tornado Cash faced a major setback when an attacker gained control over its governance system by deploying a malicious contract and accessing thousands of votes. The incident was initially discovered by @samczsun, a researcher from Paradigm, a web3-focused investment firm.

According to samczsun’s findings, the attacker's malicious proposal used an approach similar to a previously passed proposal but covertly added an additional function.

However, in a recent turn of events, the attacker has submitted a new proposal aimed at restoring the state of governance. This development was shared on the mixer’s community forum.

Attacker Seizes Tornado Cash Governance

Following the successful passage of the attacker’s proposal, they activated the emergencyStop function and modified the proposal logic, granting themselves 1.2 million fake votes. With over 700,000 legitimate votes, the attacker now possesses complete control over Tornado Cash’s governance system.

Having gained full control, the attacker possesses the authority to perform various actions such as withdrawing locked votes, depleting tokens in the governance contract, and potentially disrupting the router. However, they are unable to drain individual pools.

samczsun issued a warning, stating, “Be careful what you vote for! While we all know that proposal descriptions can lie, proposal logic can lie too! If you’re relying on the verified source code to remain unchanged, ensure that the contract lacks the ability to self-destruct.”
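The check that warning calls for can be run before voting. The following is an added example, not code from the article or from Tornado Cash: a Python linear sweep over a proposal contract's runtime bytecode that reports SELFDESTRUCT, and also DELEGATECALL and CALLCODE (a generalization beyond the quote, since those can execute a SELFDESTRUCT held in another contract). The function name and the sample bytecode strings are constructed for illustration.

```python
# Added example: scan EVM runtime bytecode for opcodes that let deployed
# code be destroyed (and later replaced) after voters have reviewed it.
RISKY = {
    0xFF: "SELFDESTRUCT",  # the capability named in the warning
    0xF4: "DELEGATECALL",  # can run a SELFDESTRUCT located in another contract
    0xF2: "CALLCODE",      # older equivalent of DELEGATECALL
}
PUSH1, PUSH32 = 0x60, 0x7F  # PUSHn is followed by n bytes of data, not code


def scan_bytecode(code_hex: str) -> list[tuple[int, str]]:
    """Return (offset, opcode name) for every risky opcode found."""
    code = bytes.fromhex(code_hex.removeprefix("0x"))
    hits, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op in RISKY:
            hits.append((pc, RISKY[op]))
        if PUSH1 <= op <= PUSH32:
            # Skip the immediate so a 0xff inside push data is not reported.
            pc += op - PUSH1 + 1
        pc += 1
    return hits


# Constructed samples (not taken from any real contract).
# PUSH1 0xff, PUSH1 0x00, SSTORE: 0xff appears only as push data.
SAMPLE_PUSH_DATA_ONLY = "0x60ff600055"
# PUSH20 <constructed address ending in 0xff>, SELFDESTRUCT.
SAMPLE_SELFDESTRUCT = "0x73" + "00" * 19 + "ff" + "ff"
# Five PUSH1 0x00, GAS, DELEGATECALL.
SAMPLE_DELEGATECALL = "0x600060006000600060005af4"

if __name__ == "__main__":
    for name, sample in [("push data only", SAMPLE_PUSH_DATA_ONLY),
                         ("selfdestruct", SAMPLE_SELFDESTRUCT),
                         ("delegatecall", SAMPLE_DELEGATECALL)]:
        print(name, scan_bytecode(sample))
```

Feed it the runtime bytecode returned by the `eth_getCode` JSON-RPC method. A linear sweep also walks the compiler's trailing metadata and any embedded data, so it can over-report; treat each hit as a reason to read that part of the contract, not as proof.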

Over $2.1M TORN Tokens Stolen

Shortly after compromising Tornado Cash’s contract, the attacker drained 473,000 TORN tokens (equivalent to over $2.1 million) from the governance contract, as confirmed by a tweet from Web3 media group @WhaleCoinTalk. The attacker then sold these assets on-chain and reinvested the profits back into Tornado Cash.

Tornadosaurus-Hex, an active member of the Tornado Cash community, acknowledged the attack’s impact on all funds within governance and urged members to withdraw their locked assets.

While encouraging users to retrieve their funds, Tornadosaurus-Hex proposed a potential solution to revert the changes. They deployed a contract designed to undo the modifications made by the attacker. The community member requested others to review the solution and propose alternatives to address the situation.

As expected, the news of the attack led to a significant drop in the value of TORN tokens. After reaching $7.3 on May 20, the token experienced a decline of approximately 40% in the subsequent days and is currently valued at $4.5.

