Malicious governance proposal puts $23M in TORN at risk

A governance proposal suspected of containing malware has been submitted to the crypto mixing protocol Tornado Cash (TORN), putting $23 million worth of the token at risk of theft, blockchain security researcher Sergey Shemyakov reported via X. He explained that the proposal's contract code is unverified and that its proposer received funds through the privacy tool Railgun, adding that it is structured to potentially seize control of the DAO's governance. Shemyakov urged caution in voting, stating that while the mixing pool itself is safe, the proposal could be a direct attack targeting the DAO.