- An exploiter stole 473,000 TORN, the unique mixer token price over $2.1 million.
- With greater than 700,000 votes, the attacker took full management of the administration.
An attacker used a fraudulent contract to achieve entry to 1000’s of votes and take full management of the favored cryptocurrency mixer Twister Money. Paradigm web3 analysis analyst @samczsun was the primary to identify the issue over the weekend.
In response to a tweet by person samczsun, the attacker mentioned he based mostly his malicious proposal on the identical reasoning because the earlier proposal, with out acknowledging that they included an extra function. Nevertheless, the attacker lately “printed a brand new proposal to revive the management state,” in accordance with a thread on the mixer group discussion board.
Full administrative management
As quickly because the request was authorized by Twister Money customers, the exploiter activated the emergency cease mechanism and adjusted the logic of the provide to acquire 1.2 million pretend votes. After receiving greater than 700,000 legitimate votes, the attacker took full administrative management of the cryptocurrency mixer.
An attacker can now do something they need, together with eradicating all locked votes, exhausting all administration contract tokens, and even blocking the router. Nevertheless, they can’t empty particular swimming pools.
Web3 media collective @WhaleCoinTalk tweeted that shortly after taking management of the Twister Money contract, an exploiter stole 473,000 TORN, a neighborhood mixer token price over $2.1 million, from the administration contract. The unhealthy actor made a revenue from the sale of the property and transferred the money to Twister.
A member of the group concerned, generally known as Tornadosaurus-Hex, mentioned the assault broken all funds below administration and requested that each one members take away their property from the contract.
Really helpful for you:
Hacker takes management of cryptocurrency mixer Twister Money
