BadgerDAO, a Decentralized Finance (DeFi) protocol operating on the Ethereum, Binance and Arbitrum chain, has fallen victim of a DeFi exploit by hackers as the protocol reports that it has noticed “unauthorized withdrawals” from its protocol.
According to reports from blockchain security and analytics company, PeckShield, over 2,063 BTC was taken. At Bitcoin’s current market price as of the time of this writing, this puts the total dollar figure of the exploit at $116.9 million. Due to the exploit, the protocol confirmed that the engineers have halted all smart contracts to prevent further withdrawals.
According to the official Twitter account of the protocol, “Badger has received reports of unauthorized withdrawals of user funds. As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals. Our investigation is ongoing and we will release further information as soon as possible.”
Badger developer Tritium wrote on Discord, “It looks like a bunch of users had approvals set for the exploit address allowing it to operate on their vault funds and that was exploited.”
According to Badger Core team member Mitche50, commenting on the BadgerDAO Discord’s “general” channel, “It looks like an API key for cloudflare was compromised. Through this, the hacker was able to create a script, inject the script into custom routes and serve the frontend with the malicious script injected.”
The Nexus team issued a statement in their Discord’s “claims-discussions” channel indicating that BadgerDAO cover holders may be out of luck in this case. It reads, “If this is confirmed as a frontend attack, BadgerDAO’s smart contracts were not impacted and this would not be a covered event. Frontend attacks are not covered per section 9 of the Protocol Cover wording.”
BadgerDAO launched its first launched yield-generating vaults based on wrapped bitcoin on Ethereum, in December 2020. The project quickly moved to community-based governance through the distribution of the BADGER token, which has been used to vote on over 70 improvements to the protocol since launch.
The DeFi ecosystem witnessed a lot of hacks. According to data from The Block, over $600 million have been stolen from DeFi projects as of November this year.
This exploit, according to data from The Block, will rank the second-highest, taking Compounds spot, in which $62 million was stolen. Cream Finance still holds the record of the most funds stolen with $130.8 million
The Federal Inland Revenue Service (FIRS) has begun its recruitment exercise for experienced professionals to…
PRESS STATEMENT Nigerian Breweries PLC - The pioneer and largest brewing company in Nigeria which is…
Lagos State Governor Babajide Sanwo-Olu has called on individuals and groups intending to…
The Delta State Police Command on Sunday confirmed the arrest of Efe Money and the Chief…
Former Senate Leader, Mohammed Ali Ndume, has explained that he insisted on the withdrawal of…
A Nigerian lady, Aisha Lawal, has said that no woman can stop her husband from…