$3.9 million drained from Unleash Protocol in governance exploit and routed through Tornado Cash
Unleash Protocol lost $3.9 million due to a governance exploit, with stolen funds later sent through Tornado Cash.Summary
Unleash Protocol, an intellectual property finance platform built on the Story ecosystem, suffered a security breach resulting in the loss of approximately $3.9 million. The exploit occurred because an external address gained administrative control via Unleash's multisignature governance system, allowing an unauthorized contract upgrade that facilitated asset withdrawals. Stolen assets, including WIP, USDC, WETH, stIP, and vIP, were bridged to Ethereum and deposited into the crypto mixing service Tornado Cash. Both Unleash and analytics firm LookonChain indicated the failure stemmed from Unleash's governance, not a vulnerability in Story Protocol itself. Unleash has paused all operations and is working with security experts while advising users not to interact with its contracts.
(Source:CoinDesk)