Hacker Enjoys Huge Payday After Passing Malicious Proposal on Audius


78
118 shares, 78 points


Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.

Audius, a decentralised music streaming protocol looking to be the best among platforms like Spotify and Apple Music, has suffered a security breach.

Over the weekend, the music streaming platform confirmed in a Twitter post that it had been investigating the unauthorised transfer of its AUDIO tokens. In the post, Audius invited interested community members to help with the research.

Audius Community Inadvertently Helps a Hacker

The transfer appears to have originated from a malicious proposal on the Audios network. Proposal #85 requested the transfer of 18 million AUDIO tokens. Surprisingly, it got approval from the Audius community. The hacker appeared to have created the malicious proposal to call and set themselves as the sole guardian of the governance contract. Hence, they had control over the execution of the transfer.

Further investigation from Audius confirmed that the hacker had transferred the AUDIO tokens from the platform’s treasury. Following the findings, Audius halted all smart contracts and AUDIO tokens on the Ethereum blockchain to prevent additional transfers.

The company eventually resumed all transfers, confirming that it had mitigated the vulnerability and that operations were back to normal.

Peckshield, a blockchain forensic investigator, explained in a report that the problem appeared to be caused by inconsistencies with Audius’s storage layout. The inconsistencies appear to have been fixed now, but the hacker made off with a handsome payday.

After transferring 18 million AUDIO tokens, the hacker became $6 million richer. However, the hacker was only able to dump the tokens for about $1.08 million due to high market volatility and slippage levels. At press time, the hacker appears to have moved most of the funds away from their wallet.

Everyone on High Alert

The security breach is just the latest in attacks on decentralised platforms. Last week, Yuga Labs – the creators of the popular Bored Ape Yacht Club (BAYC) non-fungible token (NFT) collection – confirmed that they had been tracking reports of a possible coordinated attack against the community.

In a Twitter post, Yuba Labs explained that the attack could be targeted at the broader NFT community, with hackers looking to capitalise on social media. Yuga Labs has been on a massive hack alert for quite a while now. The company has some of the best NFTs to buy, including its BAYC collection, Mutant Ape Yacht Club (MAYC), and CryptoKitties collection that it purchased from Larva Labs earlier this year. After the company raised $450 million in a seed funding round and announced plans to launch its Otherside metaverse, its Discord channel was hacked.

According to blockchain investigator OKHotshot, the hackers were able to break into the Discord account after gaining access to the profile of Boris Vagner – the company’s community and social media manager. The hackers managed to make away with 145 ETH, putting the entire Yuga Labs and APE community on high alert.

Less than two weeks later, Gordon Goner – Yuga Labs’ pseudonymous co-founder – took to Twitter to announce that he had reason to believe a second hack was on its way. Goner claimed that he had gotten “credible information” that an insider at Twitter was working with hackers and helping them to bypass Yuga Labs’ accounts – most likely to run a phishing campaign.

Although there hasn’t been an attack yet, Goner’s post indicates that the company is monitoring its security closely – something that decentralised protocol users and investors who buy Ape NFTs should also note.

Buy Crypto at eToro from just $50 Now!

About Jimmy Aki PRO INVESTOR

Based in the UK, Jimmy is an economic researcher with outstanding hands-on and heads-on experience in Macroeconomic finance analysis, forecasting and planning. He has honed his skills having worked cross-continental as a finance analyst, which gives him inter-cultural experience. He currently has a strong passion for regulation and macroeconomic trends as it allows him peek under the global bonnet to see how the world works.





Source link


Like it? Share with your friends!

78
118 shares, 78 points

What's Your Reaction?

hate hate
20
hate
confused confused
6
confused
fail fail
30
fail
fun fun
26
fun
geeky geeky
23
geeky
love love
13
love
lol lol
16
lol
omg omg
6
omg
win win
30
win
Daily List

0 Comments

Choose A Format
List
The Classic Internet Listicles
Ranked List
Upvote or downvote to decide the best list item
Meme
Upload your own images to make custom memes
Story
Formatted Text with Embeds and Visuals
Poll
Voting to make decisions or determine opinions