Audius, a popular decentralized service for music streaming, was hacked for over $6 million worth of its AUDIO tokens.
Audius relies on the smart contract system, which makes it possible for decentralized applications to work without a centralized intermediary. However, it was precisely Audius’ smart contract code that the attacker exploited.
Through the service’s smart contract, community members have a say in the overall governance process. The attacker manipulated the governance process in order to claim for himself the entirety of Audius’ staking supply of AUDIO tokens.
The Audius team quickly reacted, but was unable to retrieve the money. Audius is still busy with adequately patching the service.
Interestingly, the attacker seemed to be in quite a hurry. He sold all the tokens on the Uniswap DEX for wrapped Ethereum (wETH) worth just a little over $1 million. He then sent it out through Tornado Mixer, a service often used to cover the tracks of crypto, as it mixes the coins from several transactions.