Paradigm researcher Samczsun posted on Twitter that Tornado.Cash suffered a governance attack. The attacker granted himself 1,200,000 votes through a malicious proposal: the proposal carried additional features that let him update the proposal logic and obtain false votes. Since this exceeds the approximately 700,000 legitimate votes, the attacker now has complete control of governance.

Through governance control, the attacker can: extract all locked votes; drain all tokens in the governance contract; disable the router. However, the attacker still cannot drain individual pools.