Proposals in the crypto sector help communities to carry out consensus-based decisions. However, this has led to a serious attack on the NFT music platform, Audius.
According to reports, an anonymous hacker has stolen in-house tokens from the Audius platform. The hacker used Proposal #85, which is a governance proposal to conduct the exploit.
The hacker requested the transfer of over 18 million AUDIO tokens ($6.1 million). However, the attacker only made sway with about $1.08 million.
Hacker Uses Proposal #85 To Steal AUDIO Tokens
On Sunday, a community voting on the Audius ecosystem allowed the transfer of 18 million AUDIO tokens. However, a fraudster had orchestrated the proposal.
According to Crypto Twitter, the fraudster created a proposal that made him the only guardian of the governance contract. By so doing, the fraudster approved the transfer of the tokens.
Meanwhile, Roneil Rumburg, CEO of Audius, has commented on the attack. He said the Audius community were not responsible for the malicious proposal.
“The hacker exploited the system using a malicious proposal. The community members did not endorse any proposal. Hence, they did not approve the transfer of the tokens. The hacker only exploited the governance protocol to orchestrate the attack.”
After the attack, the company stopped all AUDIO tokens and smart contracts on the ETH blockchain. This was to keenest further losses.
However, the company has resumed the transfer of tokens on the ETH blockchain. The firm noted that they identified and solved the vulnerability.
Hacker Sold AUDIO Tokens For $1.08 Million
According to Peckshield, a blockchain investigator, the inconsistencies in the firm’s storage layout allowed the attack. Moreover, the hacker had sold the stolen tokens for about $1.08 million.
This led to a maximum slippage in the price of the token. However, investors are calling for immediate buyback so that the price does not drop any further.
Meanwhile, Rumburg has also confirmed that the company has solved the cause of the hack. Therefore, no hacker can use the malicious proposal to exploit the platform.
Also, he said the treasury of the community is separate from that of the foundation. As a result, the funds left are secure from attack.
Just recently, Yuga Labs, creator of Bored Ape NFT, issued another warning on its social media platforms. Yuga warned its users of a possible attack on the platform and urged them to be cautious.