BadgerDAO DeFi protocol suffers a whopping US$120 million hack
Coinhead
Prominent decentralised finance protocol BadgerDAO has copped a major financial exploit, with current losses estimated to be more than US$120 million worth of various cryptocurrencies.
Various reports initially suggested the amount of user funds siphoned from the protocol was far less – about US$10 million. But data shared on Twitter from security company PeckShield now shows a much higher figure.
Here is the current whereabouts as well as the total loss: $120.3M (with ~2.1k BTC + 151 ETH) @BadgerDAO pic.twitter.com/fJ4hJcMWTq
— PeckShield Inc. (@peckshield) December 2, 2021
The hacker was reportedly able to insert a malicious script into Badger’s user interface that prompted users to give the thief the permission required to take control of their funds.
Big ooff in the BadgerDao community pic.twitter.com/NicMsSQwSM
— Devchart 👨🏻💻 (@devchart) December 2, 2021
The BadgerDAO community will be hoping for a resolution similar to crypto’s biggest ever hack – the Poly Network (not to be confused with Polygon) fiasco from August.
That one was an exploit of more than US$600 million (making it one of the biggest financial heists of all time, never mind just crypto), but it resulted in the hacker, dubbed “Mr White Hat” eventually returning all of the funds.
BadgerDAO is a decentralised autonomous organisation (DAO) focused on bringing Bitcoin to DeFi, offering yield through tokenised BTC on the Ethereum network.
Commenting on the hack on the project’s Discord server, Badger core contributor Tritium wrote:
“It looks like a bunch of users had approvals set for the exploit address allowing [the address] to operate on their vault funds and that was exploited.”
Badger’s Discord community members and developers are reportedly actively tracking the relevant blockchain trails, and appear to have made some progress in potentially identifying the crypto-pilfering “shadowy super coder”.
Peckshield is certainly showing its support for the hacker hunt…
Look like good progress has been made. Fingers crossed! @BadgerDAO 🙏
— PeckShield Inc. (@peckshield) December 2, 2021