Decentralised Finance platform, BadgerDao has announced the loss of different tokens worth $120m to crypto hackers.
Peckshield, a Blockchain security and data analytics company is investigating the theft on behalf of BadgerDao.
According to Peckshield, the hackers made away with about 2,100 BTC, 151 ETH and varying amounts of other tokens like wrapped Bitcoin (WBTC), convex finance, etc.
The DeFi company has therefore paused all smart contracts and withdrawals.
Badger has received reports of unauthorized withdrawals of user funds. As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals.
Use of malicious algorithm
BadgerDao is a decentralised finance platform that allows users to gain returns on their tokens using vaults. The returns gained depends on the yield generation strategies used by the vaults.
The hackers were able to gain access to users interface using malicious code. The code was run at random times to avoid detection.
Users who were on-site running transactions while the code was running were intercepted and duped into depositing their crypto savings into the hackers’ address.
Badger revealed that one user lost 896 Bitcoins worth $50m and another lost $5m worth of tokens.
Badger claims to be the most security minded team in DeFi
BadgerDao promises users that “they can rest easy knowing you never have to give up your private crypto keys”.
This event has proven that they might be overreaching with their claim as the “most security-minded team in DeFi”. The hackers bypassed the two-factor authentication put in place by the DeFi platform.
Whether the funds can be recovered or what will be done for those affected remains unknown.
Recently, crypto platforms have suffered malicious hacks. Early this year, a crypto lending platform, C.R.E.A.M lost $130m while Poly Network also lost $600m to coin thieves. The hacker later returned the money to Poly Network in what was described as a “bizarre incident”.
These events beg the question of whether crypto on the Blockchain technology is really as safe as widely claimed.
Leave a Reply