Hacker Enjoys Huge Payday After Passing Malicious Proposal on Audius

Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.

Over the weekend, Audius had a security breach on its platform. To assist with the investigation of its breach, the music streaming service has extended an invitation to interested community members.

Audius Community Inadvertently Helps a Hacker

Audius is a decentralised music streaming platform where users can stream and earn $Audio Token Rewards. It was recently confirmed in a Twitter post that there had been an unauthorised transfer of its AUDIO tokens.

The transfer appears to have originated from a malicious proposal on the Audios network. Proposal #85 requested the transfer of 18 million AUDIO tokens. Surprisingly, it got approval from the Audius community. The hacker appeared to have created the malicious proposal to call and set themselves as the sole guardian of the governance contract. Hence, they had control over the execution of the transfer.

Further investigation from Audius confirmed that the hacker had transferred the AUDIO tokens from the platform’s treasury. Following the findings, Audius halted all smart contracts and AUDIO tokens on the Ethereum blockchain to prevent additional transfers.

The company eventually resumed all transfers, confirming that it had mitigated the vulnerability and that operations were back to normal.

Peckshield, a blockchain forensic investigator, explained in a report that the problem appeared to be caused by inconsistencies with Audius’s storage layout. The inconsistencies appear to have been fixed now, but the hacker made off with a handsome payday.

After transferring 18 million AUDIO tokens, the hacker became $6 million richer. However, the hacker was only able to dump the tokens for about $1.08 million due to high market volatility and slippage levels. At press time, the hacker appears to have moved most of the funds away from their wallet.

Everyone on High Alert

The security breach is just the latest in attacks on decentralised platforms. Last week, Yuga Labs – the creators of the popular Bored Ape Yacht Club (BAYC) non-fungible token (NFT) collection – confirmed that they had been tracking reports of a possible coordinated attack against the community.

In a Twitter post, Yuba Labs explained that the attack could be targeted at the broader NFT community, with hackers looking to capitalise on social media. Yuga Labs has been on a massive hack alert for quite a while now. The company has some of the best NFTs to buy, including its BAYC collection, Mutant Ape Yacht Club (MAYC), and CryptoKitties collection that it purchased from Larva Labs earlier this year. After the company raised $450 million in a seed funding round and announced plans to launch its Otherside metaverse, its Discord channel was hacked.

According to blockchain investigator OKHotshot, the hackers were able to break into the Discord account after gaining access to the profile of Boris Vagner – the company’s community and social media manager. The hackers managed to make away with 145 ETH, putting the entire Yuga Labs and APE community on high alert.

Less than two weeks later, Gordon Goner – Yuga Labs’ pseudonymous co-founder – took to Twitter to announce that he had reason to believe a second hack was on its way. Goner claimed that he had gotten “credible information” that an insider at Twitter was working with hackers and helping them to bypass Yuga Labs’ accounts – most likely to run a phishing campaign.

Although there hasn’t been an attack yet, Goner’s post indicates that the company is monitoring its security closely – something that decentralised protocol users and investors who buy Ape NFTs should also note.

Buy Crypto at eToro from just $50 Now!

Mobile AppYes
  • Invest in a wide range of cryptocurrencies
  • Ability to copy more experienced investors and their decisions
  • eToro crypto wallet included which makes it beginner-friendly
0% CommissionVisit WebsiteOur score 10

About Jimmy Aki PRO INVESTOR

Based in the UK, Jimmy is an economic researcher with outstanding hands-on and heads-on experience in Macroeconomic finance analysis, forecasting and planning. He has honed his skills having worked cross-continental as a finance analyst, which gives him inter-cultural experience. He currently has a strong passion for regulation and macroeconomic trends as it allows him peek under the global bonnet to see how the world works.