Cointime

Download App
iOS & Android

Tornado Cash suffers backend attack, user deposits at risk

Tornado Cash has suffered a backend attack with a vulnerability that can steal deposit data and funds, putting user deposits at risk, as reported by CoinDesk. As per a Medium post by community member Gas404, malicious javascript code was hidden in a governance proposal submitted by a so-called Tornado Cash developer two months prior to January 1st. The code redirected deposit data to a public server hosted by the same developer, resulting in one deposit being stolen.

Comments

All Comments

Recommended for you