Audius, a decentralized music platform was hacked. As a result, cryptos worth $6.1 M were transferred. Hacker could make away with $1 M.
Related: Hacker opened Trezor wallet, to which investors forgot the access code
On July 27, Audius confirmed a proposal, which requested the transfer of 18 M Audius' native AUDIO tokens. On July 24, Spreek Away tweeted that the attacker made a malicious proposal. They were able to exploit the protocol and be the only guardian of the contract’s governance.
Audius released a blog post, confirming the news. The post says a bug in the contract initialization code allowed repeated invocations of the initialize functions, and Ethereum mainnet governance, staking, and delegation contracts were compromised. Exploiting the vulnerability, attackers transferred 18 M AUDIOs held by the governance contract to a wallet of their control and modified the voting system.