Hacker pockets $1.1 million after stealing from music streaming protocol Audius

Decentralized music streaming protocol Audius reported that a hacker stole funds from its community treasury using a malicious governance vote. 

According to security firm CertiK, the hacker successfully modified certain configurations in the smart contract used by Audius’s governance system. With these changes, the perpetrator was able to become the “guardian” of the contract.

The hacker then proceeded to create and approve a governance proposal (Proposal #85) requesting a transfer of 18 million AUDIO tokens from the community treasury. According to on-chain data, the exploit took place at 7 p.m. ET on Saturday.

While these stolen tokens had a market value of more $6 million, the hacker could only sell them for 705 ether ($1.1 million) amid high amounts of market slippage. The exploited funds still sit in the hacker’s address.

In an update, Audius said that it had identified and fixed issues in its smart contract, adding that a post-mortem report will be provided soon. Meanwhile, the smart contract has been put on a pause.

Audius is a decentralized music streaming protocol that allows artists to monetize their work using the governance and utility token called AUDIO. The token could be used on Ethereum and Solana networks. 

© 2022 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is a reporter who has covered the ins and outs of the tech industry for more than half a decade. Prior to joining The Block, Vishal worked for media firms like Crypto Briefing, IDG ComputerWorld and CIO.com.

Source: https://www.theblock.co/post/159308/hacker-pockets-1-1-million-after-stealing-from-music-streaming-protocol-audius?utm_source=rss&utm_medium=rss