In the crypto space, proposals assist the communities in taking decisions that are based on consensus. Nonetheless, in the case of Audius – a decentralized music venue – the authorization of a bad governance proposal paved the way toward the transaction of up to $6.1M worth of tokens and the hacker took away nearly $1M.
Hacker Exploited Audius and Fled with $1.08M in AUDIO Tokens
On 24th July, Proposal #85 – a bad proposal – requested to transact approximately 18M in AUDIO (the in-house tokens of Audius) and was authorized after the community voting. The hacker generated a mischievous proposal and was capable of becoming the governance contract’s single custodian. On being informed about the incident, Audius’ group shared a Twitter post and assured the community members that they are making adequate endeavors to investigate the matter and the results will be shortly shared by them.
Roneil Rumburg – the CEO and co-founder of Audius – disclosed that the respective proposal was not passed on by the community. He categorized the incident as an exploit and added that none of the legitimate means proposed or approved the proposal. In his words, it just took place to utilize the governance system to be the point of entry for the attack. Additional inquiry by Audius brought to the front that it was the AUDIO tokens’ unauthorized transaction from the treasury of the firm.
Smart Contracts Shortly Resumed by Audius
After the disclosure, Audius preemptively terminated the AUDIO tokens and smart contracts on over the Ethereum blockchain to stay away from extra losses. Nevertheless, the firm restarted token transactions after a momentary stoppage, asserting that the smart contract operability is being resumed following a comprehensive investigation of the platform’s vulnerability. Peckshield, a blockchain investigator, specified that the issue was existing within the storage layout irregularities of Audius.
While the governance proposal of the hacker drained almost 18M ($6M) worth of tokens from the treasury of Audius, it was shortly dumped as well as traded for just $1.08M. While the consequence of the dumping was maximum slippage, investors suggested a rapid buyback to keep investors from further dumping as well as decreasing the floor price of the token.
Rumburg claimed that the exploit’s root cause has been corrected and there is no chance for its re-exploitation. Keeping in view that the community treasury is preserved in a separate place from the treasury of the foundation, the existing funds are secure from the exploits.
All trademarks, logos, and images displayed on this site belong to their respective owners and have been utilized under the Fair Use Act. The materials on this site should not be interpreted as financial advice. When we incorporate content from other sites, we ensure each author receives proper attribution by providing a link to the original content. This site might maintain financial affiliations with a selection of the brands and firms mentioned herein. As a result, we may receive compensation if our readers opt to click on these links within our content and subsequently register for the products or services on offer. However, we neither represent nor endorse these services, brands, or companies. Therefore, any disputes that may arise with the mentioned brands or companies need to be directly addressed with the respective parties involved. We urge our readers to exercise their own judgement when clicking on links within our content and ultimately signing up for any products or services. The responsibility lies solely with them. Please read our full disclaimer and terms of use policy here.