{"id":477296,"date":"2022-07-24T08:26:42","date_gmt":"2022-07-24T05:26:42","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/hacker-drains-1-08m-from-audius-following-passing-of-malicious-proposal\/"},"modified":"2022-07-24T08:26:42","modified_gmt":"2022-07-24T05:26:42","slug":"hacker-drains-1-08m-from-audius-following-passing-of-malicious-proposal","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/hacker-drains-1-08m-from-audius-following-passing-of-malicious-proposal\/","title":{"rendered":"# Hacker drains $1.08M from Audius following passing of malicious proposal"},"content":{"rendered":"<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Hacker_drains_108M_from_Audius_following_passing_of_malicious_proposal_%E2%80%9C\"><\/span>Hacker drains $1.08M from Audius following passing of malicious proposal<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDcvNzJkNTg2YzAtMWVmMi00NzY5LTk2ODgtM2E0ZWJmNmU0OTIxLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-28d77a7a>Proposals in crypto help communities make consensus-based decisions. However, for decentralized music platform Audius, the passing of a malicious governance proposal resulted in the transfer of tokens worth $5.9 million, with the hacker making away with $1 million.\u00a0<\/p>\n<p>On July 24, a malicious proposal (<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/dashboard.audius.org\/#\/governance\/proposal\/85\">Proposal #85<\/a>) requesting the transfer of 18 million of Audius\u2019 in-house AUDIO tokens was approved by community voting. 
As first pointed out on Crypto Twitter by @spreekaway, the attacker <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/oko.palkeo.com\/0xfefd829e246002a8fd061eede7501bccb6e244a9aacea0ebceaecef5d877a984\/\">created<\/a> the malicious proposal wherein they were \u201cable to call initialize() and set himself as the sole guardian of the governance contract.\u201d<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Hello everyone &#8211; our team is aware of reports of an unauthorized transfer of AUDIO tokens from the community treasury. We are actively investigating and will report back as soon as we know more.<\/p>\n<p>If you&#8217;d like to help our response team, please reach out.<\/p>\n<p>\u2014 Audius  (@AudiusProject) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/AudiusProject\/status\/1551000725169180672?ref_src=twsrc%5Etfw\">July 24, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nFurther investigation by Audius confirmed the unauthorized transfer of AUDIO tokens from the company\u2019s treasury. Following the revelation, Audius proactively halted all Audius smart contracts and AUDIO tokens on the Ethereum blockchain.\u00a0<\/p>\n<p>Blockchain investigator PeckShield narrowed down the fault to an inconsistent storage layout between Audius\u2019 proxy and implementation contracts.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">The issue of <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/AudiusProject?ref_src=twsrc%5Etfw\">@AudiusProject<\/a> lies in  inconsistent storage layout between its proxy and  impl. 
In particular, the collision of Audius Community Treasury contract results in an equivalence of  disabling the initializer modifier. The proxyAdmin addr (0x..abac) plays a role here. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/x4CqRncahp\">pic.twitter.com\/x4CqRncahp<\/a><\/p>\n<p>\u2014 PeckShield Inc. (@peckshield) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/peckshield\/status\/1551053190904238080?ref_src=twsrc%5Etfw\">July 24, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>While the hacker\u2019s governance proposal drained out 18 million tokens worth nearly $6 million from the treasury, it was soon dumped and sold for $1.08 million. While the dumping resulted in maximum slippage, investors recommended an immediate buyback to prevent existing investors from dumping and further lowering the token\u2019s floor price.\u00a0<\/p>\n<p>Investors are yet to get clarity on the stolen funds as one investor asked, \u201cThey hacked the community fund right? The team&#8217;s fund is separate correct?\u201d<\/p>\n<p>While a post-mortem report is underway, Audius has not yet responded to Cointelegraph\u2019s request for comment. <\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Yuga Labs warns of \u2018persistent threat group\u2019 targeting NFT holders<\/em><\/strong><\/p>\n<p>Bored Ape Yacht Club (BAYC) creator Yuga Labs issued its second warning about an expected \u201ccoordinated attack\u201d on its social media accounts.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Our security team has been tracking a persistent threat group that targets the NFT community. We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. 
Please be vigilant and stay safe.<\/p>\n<p>\u2014 Yuga Labs (@yugalabs) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/yugalabs\/status\/1549157338665336839?ref_src=twsrc%5Etfw\">July 18, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In June, Gordon Goner, pseudonymous co-founder of Yuga Labs, issued the first warning of a possible incoming attack on its Twitter social media accounts. Soon after the warning, Twitter officials actively monitored the accounts and fortified their existing security.<\/p>\n<\/div>\n<p><span style=\"color: black;\"><a 
style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/hacker-drains-1-08m-from-audius-following-passing-of-malicious-proposal\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Hacker drains $1.08M from Audius following passing of malicious proposal &#8220; Proposals in crypto help communities make consensus-based decisions. However, for decentralized music platform Audius, the passing of a malicious governance proposal resulted in the transfer of tokens worth $5.9 million, with the hacker making away with $1 million.\u00a0 On July 24, a malicious&#8230;<\/p>\n","protected":false},"author":1,"featured_media":477297,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDcvNzJkNTg2YzAtMWVmMi00NzY5LTk2ODgtM2E0ZWJmNmU0OTIxLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74894,74863,122547,74882,70944],"class_list":["post-477296","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-blockchain","tag-cryptocurrencies","tag-exp-attack","tag-hacks","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/477296","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=477296"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/477296\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"
https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/477297"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=477296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=477296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=477296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}