Tornado Cash Suffers Another Governance Attack: A Fake Proposal Targets $23 Million Community Treasury
On June 25, 2026, a deceptive governance proposal (#67) appeared in the Tornado Cash DAO, masquerading as an upgrade to implement fee adjustments and token burns. Security researchers, including Sergey Shemyakov and Pascal Caversaccio, quickly identified it as malicious. The proposal's unverified code contained a hidden function designed to stealthily replace the protocol's legitimate governance address (0x5efda50f22d34F262c29268506C5Fa42cB56A1Ce) with an attacker-controlled address (0x5efda50f22d34f272c7077689d6abc42f15e285f). If passed, this would have granted the attacker control over the DAO's treasury, containing approximately $23 million in TORN tokens, and the ability to drain all relayers.
The attacker's wallet (0xd4eca8c9242b9f9faa3cf19a78defc21dc97a925) was funded via the privacy protocol Railgun four days prior, obscuring the source. The community response was swift, with the proposal receiving 27,163 TORN votes against (100%) and 0 for, far below the 100,000 TORN quorum required for validity. It is set to expire on June 30.
This incident marks the second major governance attack on Tornado Cash, following a May 2023 exploit that stole $2.17 million. It highlights persistent vulnerabilities in DAO structures where power derives from token ownership. The article advises users to follow security researchers, vote against unverified proposals, and delegate voting power. For developers, implementing timelocks—a delay between proposal approval and execution—is presented as a critical security measure to allow for community review and intervention.
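As an added example (not code from the article or from Tornado Cash), here is a small Python model of the defences the article names: a quorum check using its 100,000 TORN figure, a dry-run that reports which state fields a proposal's action would change (which would expose a hidden governance-address swap before execution), and a timelock with a cancel window. The two-day delay, the class names and the treatment of quorum as total votes cast are assumptions.

```python
import copy
from dataclasses import dataclass
from typing import Callable, Optional
QUORUM = 100_000                 # TORN votes the article cites as the validity threshold
TIMELOCK_DELAY = 2 * 24 * 3600   # assumed: two-day delay (seconds) between approval and execution

@dataclass
class State:                      # protocol state a proposal may mutate
    governance_address: str
    treasury_torn: int

@dataclass
class Proposal:
    action: Callable[[State], None]   # the on-chain effect of executing the proposal
    for_votes: int = 0
    against_votes: int = 0
    approved_at: Optional[int] = None
    cancelled: bool = False

class DAO:
    def __init__(self, state: State) -> None:
        self.state, self.now, self.proposals = state, 0, {}
    def vote(self, pid: int, weight: int, support: bool) -> None:
        p = self.proposals[pid]
        p.for_votes += weight if support else 0
        p.against_votes += 0 if support else weight
    def finalize(self, pid: int) -> bool:
        # Approve only when quorum (assumed: all votes cast) is met and 'for' wins; approval starts the timelock.
        p = self.proposals[pid]
        passed = p.for_votes + p.against_votes >= QUORUM and p.for_votes > p.against_votes
        if passed:
            p.approved_at = self.now
        return passed
    def simulate(self, pid: int) -> dict:
        # Dry-run the action on a copy and report every state field it would change.
        after = copy.deepcopy(self.state)
        self.proposals[pid].action(after)
        return {k: (v, getattr(after, k)) for k, v in vars(self.state).items()
                if v != getattr(after, k)}
    def cancel(self, pid: int) -> None:
        self.proposals[pid].cancelled = True      # veto during the review window
    def execute(self, pid: int) -> str:
        p = self.proposals[pid]
        if p.approved_at is None or p.cancelled:
            return "rejected: not approved or cancelled"
        if self.now < p.approved_at + TIMELOCK_DELAY:
            return "rejected: timelock has not elapsed"
        p.action(self.state)
        return "executed"
```

Running `simulate` on a proposal whose action rewrites `governance_address` reports that field's before/after values without touching live state, which is the review step the timelock window exists to allow.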
Source: Foresight News