Audius hack: 18 million AUDIO tokens stolen

Audius hack: exploit of the platform’s governance 

On July 23, Audius, a decentralized music streaming platform, was exploited for $1 million. The Audius hack was due tcompromised bugised in the platform’s governance, staking, and delegation contracts.

It allowed the hacker to exploit the platform’s voting system and change the amount of AUDIO staked in the network. In the end, the hacker managed to transfer 18 million AUDIO, Audius’ in-house token, to their wallet. 

Audius hack-related funds ended up on a mixing service

The hacker managed to steal 18 million AUDIO tokens worth over $6 million. They then swapped these tokens against Ethers for a value of around $1 million. Scorechain promptly added the hacker’s address 0xa0c7bd318d69424603cbf91e9969870f21b8ab4c to the database. It flagged the address as ‘Hack’ with an associated low Risk Scoring.

More specifically, the hacker’s address 0xa0c7bd318 received 18,564,497.82 AUDIO tokens. At the time of the exploit, this was worth over $6 million.

After this, the hacker swapped the 18 million AUDIO tokens against 705 Ethers for a value of around $1 million.

Finally, the hacker sent the Ether funds to Tornado Cash mixer to launder the loot. They sent the funds to the mixer in 20 transactions, as shown in the Exploration Tool below.

Crypto hacks on the rise: how to protect against risk?

The Audius exploit is the latest of a long string of hacks that took place in 2022. Our Anatomy of a Crypto Hack report estimates in Q1 2022, almost $1.2 million in crypto-assets was lost to hackers. 

Also, it is essential to note that using crypto mixers in case of illegal activities, like hacks, is common. While not all mixer-processed crypto-assets derive from illegal sources, they remain one of the go-to tools to launder illicit funds. Before the Audius exploit, funds from the Bitfinex hack or the Ronin hack also reached mixing services, for instance.

Funds associated with crypto hacks and illegal crypto activities such as scams, and phishing campaigns, represent higher risks in terms of money laundering and terrorism financing (ML/TF). It is therefore crucial for companies onboarding crypto to identify potential attempts of crypto laundering and prevent their exposure to such risks.

Since 2015, companies have been choosing Scorechain to assist them in their crypto ML/TF risk strategies, ensuring compliance with AML/CFT regulations in their jurisdiction.

Request a free demo of our blockchain analytics and crypto compliance solution.

About Scorechain

Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance, the Luxembourgish company has helped over 200 customers in 45 countries since 2015, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets, customers onboarding, audit and law firms, and some LEAs.

Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger, Tezos, Tron with TRC10 and TRC20 tokens, and BSC with BEP20 tokens. The software can de-anonymize the Blockchain data and connect with sanction lists to provide risk scoring on digital assets, transactions, addresses, and entities. The risk assessment methodology applied by Scorechain has been verified and can be fully customizable to fit all jurisdictions. In addition, 300+ risk-AML scenarios are provided to its customers with a wide range of risk indicators so businesses under the scope of the crypto regulation can report suspicious activity to authorities with enhanced due diligence.