Unleash Protocolβs decentralized IP platform suffered a $3.9 million theft due to an unauthorized contract upgrade facilitated by a compromised multisig governance system. The stolen assets were anonymized using Tornado Cash, highlighting significant risks in DeFi security and governance controls. #UnleashProtocol #TornadoCash
Keypoints
- An attacker gained administrative control over Unleash Protocolβs multisig governance system.
- The attacker executed an unauthorized smart contract upgrade enabling asset withdrawals.
- The theft involved multiple assets, including wrapped and native tokens, totaling approximately $3.9 million.
- The stolen funds were laundered through Tornado Cash, evading traceability and law enforcement.
- Unleash Protocol has paused operations and is investigating the breach with external security experts.