Badger DAO – a DeFi protocol attempting to fast-track the usage of Bitcoin to earn yield on Ethereum – has been hacked, with losses in excess of $120m being reported.
With more than 30,000 active users and $1.2 billion in total value locked, the protocol is an established name in the cryptocurrency industry.
The hacking of Badger’s front end has become the likely explanation as to how the attack occurred with hackers reportedly inserting a malicious script that users interacted with.
Badger core contributor Tritium explained on Discord what they believed was the issue behind the hack.
“It looks like a bunch of users had approvals set for the exploit address allowing [the address] to operate on their vault funds and that was exploited,” he wrote.
Badger’s users began complaining about issues at about 9pm EST in an attack that has left the price of BADGER, the native token for the Badger DAO suffering, with a decline of 21% over the past day, according to CoinGecko.
The Badger team took to Twitter, confirming reports of unauthorised withdrawals of user funds and assuring its users an investigation was underway.
Badger has received reports of unauthorized withdrawals of user funds.
As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals.
Our investigation is ongoing and we will release further information as soon as possible.
— ₿adger 🦡 (@BadgerDAO) December 2, 2021
The top of the Badger website reads: “As Badger engineers investigate reports of unauthorized withdrawals, all smart contracts have been paused to prevent further withdrawals.”
Disclaimer: The views and opinions expressed by the author should not be considered as financial advice. We do not give advice on financial products.