Audius, a Web3 music streaming platform, has become the latest victim of a crypto theft, revealing over the weekend that an attacker stole 18.6 million AUDIO tokens and sold them for 705 ETH.
As a decentralized platform, US-based Audius uses the Ethereum blockchain for its tokens.
Hackers exploited an undiscovered bug in Audius’ governance smart contract or the platform’s “community coffers” and delegated 10 trillion AUDIO tokens to themselves in an attempt to bypass an attack. governance voting.
The hackers were then able to transfer 18.6 million AUDIO tokens to a wallet they controlled, Audius said in a statement. Post-mortem report of the incident.
“The vulnerability was mitigated within hours of discovery, and work is continuing to check for storage modifications made by attackers and to ensure secure recovery of contract systems. remaining Audius.”
Audius
Audius, in a tweet on Sunday (July 24), said the problem had been found and fixes were underway, but that the platform had to suspend all smart contracts on Ethereum to prevent further damage.
As of Monday, all remaining funds and fixes have been implemented and all remaining smart contract components have been upgraded and are not suspended except for staking and authorization functions. rights, the company said in a recent update.
“The vulnerability was mitigated within hours of discovery, and work is continuing to examine archive modifications made by attackers and to ensure secure recovery of files,” Audius said. remaining Audius smart contract system.
Audius co-founder and CEO Roneil Rumburg confirmed the hack, saying that the incident “was an exploit – not a proposed proposition or through any legitimate means. “
The platform appears to have engaged Samczsun, a well-known crypto white-hat hacker, to resolve the issue, according to a source. tweet Thanks hacker.
Samczsun identified as a research partner and head of security at a venture capital firm Paradigm.
Almost a year ago, Samczsun saved SushiSwap and its Miso platform has the potential to lose up to 109,000 ETH due to the security vulnerability patch.
SushiSwap is an Ethereum-based software that incentivizes a network of users to operate a platform where they can buy and sell crypto assets.
Meanwhile, several crypto and blockchain security research firms have published their own findings on the Audius hack, including Certik and MistTrack. It was later said that hackers exchanged 18.5 million AUDIO tokens through Uniswap – a cryptocurrency exchange that uses a decentralized network protocol – for just over $1 million in ETH.
When writing, price of the AUDIO token fell nearly 9% to $0.31, its lowest level in about two weeks.
The incident marks a step backwards for Audius as it comes just days after the company launched a new service that allows artists and curators to monetize their content by allowing listeners to send advice.
Audius’s platform is more invested in the cryptographic side of things unlike mainstream streaming platforms like Spotify and Apple Music.
Rumburg said to MBW in an interview over a year ago that Audius develops features based on the recommendations of its token holders community.
“Our company is almost like a consulting shop from a business model perspective – we work on these features and hope that the community will want to continue to support the work we do, ‘ Rumburg said at the time.
Bank of America Analysts, in a recent research report, said Audius’s decentralized music streaming platform “transfers power, profits, control and governance from centralized record labels and DSPs.” focus on artists and fans”.
However, the bank warned that the platform’s usage growth has slowed since December 2021.
The startup, founded in 2018, has several artists including Katy Perry, Jason Derulo and Steve Aoki among its backers, according to data from Crunchbase.Worldwide music business
