About Audius Project:
Audius is a decentralised music streaming service, built on POA Network, an Ethereum sidechain, and later moved some services to the Solana blockchain. It lets artists upload their tunes to the app and connects fans directly with artists and exclusive new music.
Hack Recap:
The attacker called the "initialize" function in the Audius governance contract to modify configurations (through re-initialization) such as "voting period", "execution delay", and "guardian address".
The attacker created and passed a malicious governance proposal to transfer out 18.5M AUDIO tokens from the community treasury.
Then, they successfully swapped these $6M worth of tokens on Uniswap for only $705 ETH (~$1.1 Million), due to high slippage.
Audius Team Response:
The issue has been found and fixes are in progress to get things back to a stable state. To prevent further damage, all Audius smart contracts on Ethereum had to be halted, including the token. We do not believe any further funds are at risk. More updates / post-mortem soon. While these fixes are being completed, token balances, transfers, etc will be temporarily unavailable The Stolen funds are currently at this address:
0xa0c7BD318D69424603CBf91e9969870F21B8ab4c
Submitted July 24, 2022 at 12:11AM by SurenRongyao https://ift.tt/wlBKhC2 https://ift.tt/ZMsm0Wq
No comments:
Post a Comment