An unknown hacker stole cryptocurrencies worth over $120 million from BadgerDAO, a decentralized finance platform on Wednesday night.
While the investigation is ongoing, BadgerDAO and security teams working on it said the attack and was due to a malicious script insertion into the platformโs UI, that triggered diverting funds from customersโ wallets to hackers. As a measure, BadgerDAO suspended transactions and froze the platform for a while.
Security Hack at BadgerDAO
Decentralized finance is one of the finest concepts in blockchain technology, where people can borrow money without any past credit score, and lenders can gain intrest in their pledged amount.
BadgerDAO is of such, having financial experts and strategists for actively managing the people funds, and squeeze maximum profits of it. On Wednesday night, the platform was subjected to a breach, leading to a loss of over $120 million worth of cryptocurrencies.
Here is the current whereabouts as well as the total loss: $120.3M (with ~2.1k BTC + 151 ETH) @BadgerDAO pic.twitter.com/fJ4hJcMWTq
— PeckShield Inc. (@peckshield) December 2, 2021
This figure was estimated by Peckshield, a blockchain security and data analytics firm thatโs working with BadgerDAO in investigating this case. Badgerโs team later said that cause of this incident was due to the insertion of a script into their websiteโs UI, that would intercept Web3 transactions and trigger requests for transferring the usersโ funds to an external wallet โ which could be the hackerโs.
Here is the current whereabouts as well as the total loss: $120.3M (with ~2.1k BTC + 151 ETH) @BadgerDAO pic.twitter.com/fJ4hJcMWTq
— PeckShield Inc. (@peckshield) December 2, 2021
The investigation continues.
Badger has retained data forensics experts Chainalysis to explore the full scale of the incident & authorities in both the US & Canada have been informed & Badger is cooperating fully with external investigations as well as proceeding with its own.
— โฟadgerDAO ???? (@BadgerDAO) December 2, 2021
Badgerโs team pointed out one particular transaction, where the hacker moved over 896 Bitcoins in a single flick, worth over $50 million. The team also said the malicious script was available on their website since November 10th, and the hacker was running at random times to avoid detection.
BadgerDAO has informed the authorities in Canada and the US and appointed Chainalysis to explore the full-scale impact of this incident. Meanwhile, as a precaution, BadgerDAO froze the platform and canceled all the smart contracts and transactions.