While the investigation is ongoing, BadgerDAO and security teams working on it said the attack and was due to a malicious script insertion into the platform’s UI, that triggered diverting funds from customers’ wallets to hackers. As a measure, BadgerDAO suspended transactions and froze the platform for a while.
Security Hack at BadgerDAO
Decentralized finance is one of the finest concepts in blockchain technology, where people can borrow money without any past credit score, and lenders can gain intrest in their pledged amount. BadgerDAO is of such, having financial experts and strategists for actively managing the people funds, and squeeze maximum profits of it. On Wednesday night, the platform was subjected to a breach, leading to a loss of over $120 million worth of cryptocurrencies.
— PeckShield Inc. (@peckshield) December 2, 2021 This figure was estimated by Peckshield, a blockchain security and data analytics firm that’s working with BadgerDAO in investigating this case. Badger’s team later said that cause of this incident was due to the insertion of a script into their website’s UI, that would intercept Web3 transactions and trigger requests for transferring the users’ funds to an external wallet – which could be the hacker’s.
— PeckShield Inc. (@peckshield) December 2, 2021
Badger has retained data forensics experts Chainalysis to explore the full scale of the incident & authorities in both the US & Canada have been informed & Badger is cooperating fully with external investigations as well as proceeding with its own. — ₿adgerDAO 🦡 (@BadgerDAO) December 2, 2021 Badger’s team pointed out one particular transaction, where the hacker moved over 896 Bitcoins in a single flick, worth over $50 million. The team also said the malicious script was available on their website since November 10th, and the hacker was running at random times to avoid detection. BadgerDAO has informed the authorities in Canada and the US and appointed Chainalysis to explore the full-scale impact of this incident. Meanwhile, as a precaution, BadgerDAO froze the platform and canceled all the smart contracts and transactions.