Prominent decentralised finance protocol BadgerDAO has copped a major financial exploit, with current losses estimated to be more than US$120 million worth of various cryptocurrencies.

Various reports initially suggested the amount of user funds siphoned from the protocol was far less – about US$10 million. But data shared on Twitter from security company PeckShield now shows a much higher figure.

The hacker was reportedly able to insert a malicious script into Badger’s user interface that prompted users to give the thief the permission required to take control of their funds.

The BadgerDAO community will be hoping for a resolution similar to crypto’s biggest ever hack – the Poly Network (not to be confused with Polygon) fiasco from August.

That one was an exploit of more than US$600 million (making it one of the biggest financial heists of all time, never mind just crypto), but it resulted in the hacker, dubbed “Mr White Hat”, eventually returning all of the funds.

BadgerDAO is a decentralised autonomous organisation (DAO) focused on bringing Bitcoin to DeFi, offering yield through tokenised BTC on the Ethereum network. 

Commenting on the hack on the project’s Discord server, Badger core contributor Tritium wrote:

“It looks like a bunch of users had approvals set for the exploit address allowing [the address] to operate on their vault funds and that was exploited.”

Badger’s Discord community members and developers are reportedly actively tracking the relevant blockchain trails, and appear to have made some progress in potentially identifying the crypto-pilfering “shadowy super coder”.

PeckShield is certainly showing its support for the hacker hunt…
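The approvals Tritium describes leave a record on-chain. The following added example, which is not code from BadgerDAO or PeckShield, assumes they are standard ERC-20 `Approval` events and reports approvals that are still live for spenders outside a protocol's known contracts. Every address and log entry is a constructed placeholder, and `outstanding_unknown_approvals`, `sample_log` and the allowlist are hypothetical names.

```python
# keccak256("Approval(address,address,uint256)"): the standard ERC-20 event signature.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1

def _addr(topic):
    """An indexed address is left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def decode_approval(log):
    """Decode one eth_getLogs-style entry; return None if it is not an ERC-20 Approval."""
    topics = log.get("topics", [])
    # ERC-721 Approval shares the signature but has 4 topics (indexed tokenId); skip it.
    if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
        return None
    return {
        "token": log["address"].lower(),
        "owner": _addr(topics[1]),
        "spender": _addr(topics[2]),
        "value": int(log["data"], 16),
        "order": (int(log["blockNumber"], 16), int(log["logIndex"], 16)),
    }

def outstanding_unknown_approvals(logs, allowed_spenders):
    """Return live (non-zero) approvals whose spender is not on the allowlist."""
    allowed = {a.lower() for a in allowed_spenders}
    latest = {}
    for ap in sorted(filter(None, map(decode_approval, logs)), key=lambda a: a["order"]):
        # A later Approval for the same (token, owner, spender) replaces the earlier one,
        # so an approval reset to zero (a revocation) drops out of the result.
        latest[(ap["token"], ap["owner"], ap["spender"])] = ap
    return [dict(ap, unlimited=ap["value"] == MAX_UINT256)
            for ap in latest.values()
            if ap["value"] > 0 and ap["spender"] not in allowed]

# Constructed placeholder addresses, not real contracts or incident data.
TOKEN, VAULT, UNKNOWN = ("0x" + b * 20 for b in ("aa", "bb", "cc"))
ALICE, BOB = ("0x" + b * 20 for b in ("01", "02"))

def sample_log(owner, spender, value, block, idx):
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"address": TOKEN, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(value, "064x"),
            "blockNumber": hex(block), "logIndex": hex(idx)}

SAMPLE_LOGS = [
    sample_log(ALICE, VAULT, MAX_UINT256, 100, 0),    # allowlisted protocol contract
    sample_log(ALICE, UNKNOWN, MAX_UINT256, 101, 3),  # unknown spender, unlimited
    sample_log(BOB, UNKNOWN, MAX_UINT256, 102, 1),    # unknown spender...
    sample_log(BOB, UNKNOWN, 0, 105, 0),              # ...revoked three blocks later
]
```

Run against the constructed logs with `[VAULT]` as the allowlist, only Alice's unlimited approval to the unknown spender is reported; Bob's was revoked and the vault approval is expected.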