Code injected into Tornado Cash on January 1 puts user funds at risk

February 27, 2024 at 09:29AM Malicious JavaScript code in a Tornado Cash governance proposal has leaked deposit notes to a private server for almost two months, compromising fund transaction privacy and security. Security researcher Gas404 discovered the code and urged stakeholders to veto the proposal. The compromised protocol introduced the code and Tornado Cash urges … Read more