Nefarious ill doers have once again soiled the good name of the digital space. This time, utilizing devious hackery to drain 18.5 million $AUDIO ($5.8m) tokens form the treasury of Web3 streaming platform, Audius.
The dastardly attack took place on July 23 and exploited a vulnerability in the governance, staking, and delegation contracts. However, Audius has revealed it has now closed off the exploit and secured its remaining assets. Despite this, it has also taken precautionary measures to protect from any malicious code the attackers may have left behind.
Post-mortem from this weekend’s attack is now live: https://t.co/aPUv2fPUm7
– Audited contracts were compromised due to an exploit in the contract initialization code that allowed repeated invocations of the “initialize” function.
— Audius 🎧 (@AudiusProject) July 25, 2022
Following the despicable heist, crypto sleuths discovered that the culprits had swapped the tokens for 705 ETH ($1m) by utilizing the Uniswap protocol, and setting a lowball offer to guarantee a trade. After which, the unwelcome hackers funnelled the ill-gotten funds through a private transaction tool and hid any further movement from the watchful eyes of the Web3 community.
Immediately following the hack, Audius conducted a thorough investigation into the events that transpired, taking note of the damage caused, the reasons behind the theft, and the solutions required to prevent a repeat occurrence. Going forward however, a great deal of due diligence will be required to secure the platform from these unwelcome pretenders.
Read the full report >> Here