According to a report, members of the BadgerDAO team told their customers that they believe the theft resulted from someone inserting a malicious script into the website's UI. Let us have a look at the coin theft that took place at BadgerDAO.
How Did The BadgerDAO Theft Happen?
Nearly $120 million, approximately Rs 899 crore, was stolen from various digital currency wallets on the DeFi platform BadgerDAO on Wednesday. The issue is presently being investigated by the blockchain analytics and data firm PeckShield. For any user interacting with the website while the malicious script was active, the script would intercept Web3 transactions and insert a request to transfer the victim's tokens to an address chosen by the attacker. That is how the BadgerDAO theft happened. Because of the transparent nature of the platform, everyone could see what happened once the attacker launched the script. As per PeckShield, one transfer moved 896 BTC, worth over $50 million (approximately Rs 374 crore), into the attackers' account. BadgerDAO today tweeted, confirming the news of the theft.
“Badger has received reports of unauthorized withdrawals of user funds. As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals.”
The malicious script behind this DeFi fraud first appeared on BadgerDAO's website as early as 10 November 2021, and its operators ran it at random intervals to avoid detection. However, once BadgerDAO became aware of the problem, it halted all the smart contracts, effectively freezing the platform, and instructed users not to accept transactions involving the attackers' address. The company said in a tweet:
“Badger has retained data forensics experts Chainalysis to explore the full scale of the incident & authorities in both the US & Canada have been informed & Badger is cooperating fully with external investigations as well as proceeding with its own.”
The BadgerDAO theft did not reveal any prominent flaw in the blockchain network itself; the attackers instead exploited the web 2.0 technology that is used to carry out the transactions.
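The interception described above can be countered on the client by decoding each transaction request before it is signed and refusing token calls whose beneficiary is not an address the user expects. The following is an added example, not code from BadgerDAO or PeckShield; it assumes the injected request is a standard ERC-20 transfer or allowance call, and every address and request in it is constructed.

```javascript
// Added example. Selectors are the standard ERC-20 ones; every address is constructed.
const TOKEN_CALLS = new Map([
  ["a9059cbb", { name: "transfer", addrArg: 0 }],          // transfer(address,uint256)
  ["23b872dd", { name: "transferFrom", addrArg: 1 }],      // transferFrom(address,address,uint256)
  ["095ea7b3", { name: "approve", addrArg: 0 }],           // approve(address,uint256)
  ["39509351", { name: "increaseAllowance", addrArg: 0 }], // increaseAllowance(address,uint256)
]);

// Return the index-th 32-byte ABI word after the 4-byte selector, or null if cut short.
function abiWord(data, index) {
  const word = data.slice(8 + index * 64, 8 + (index + 1) * 64);
  return word.length === 64 ? word : null;
}

// Decide whether a transaction request may be shown to the user for signing.
function reviewTransaction(tx, trustedAddresses) {
  const trusted = new Set(trustedAddresses.map((a) => a.toLowerCase()));
  const data = String(tx.data || "").toLowerCase().replace(/^0x/, "");
  const call = TOKEN_CALLS.get(data.slice(0, 8));
  if (!call) return { verdict: "not-token-call" };
  const addrWord = abiWord(data, call.addrArg);
  const amountWord = abiWord(data, call.addrArg + 1);
  // Fail closed on calldata that cannot be decoded instead of guessing.
  if (!addrWord || !amountWord || !/^0{24}[0-9a-f]{40}$/.test(addrWord)) {
    return { verdict: "block", call: call.name, reason: "undecodable calldata" };
  }
  const beneficiary = "0x" + addrWord.slice(24);
  const unlimited = /^f{64}$/.test(amountWord); // maximum uint256 amount
  if (!trusted.has(beneficiary)) {
    return { verdict: "block", call: call.name, beneficiary, unlimited,
             reason: "beneficiary not in allowlist" };
  }
  return { verdict: "allow", call: call.name, beneficiary, unlimited };
}

// Constructed sample requests (not taken from the incident).
const pad = (hex) => hex.replace(/^0x/, "").padStart(64, "0");
const VAULT = "0x" + "11".repeat(20);   // contract the user intends to fund
const UNKNOWN = "0x" + "ee".repeat(20); // address absent from the allowlist
const TOKEN = "0x" + "22".repeat(20);   // token contract receiving the call
const expected = { to: TOKEN, data: "0x095ea7b3" + pad(VAULT) + pad("0x64") };
const injected = { to: TOKEN, data: "0x39509351" + pad(UNKNOWN) + "f".repeat(64) };

console.log(reviewTransaction(expected, [VAULT]));
console.log(reviewTransaction(injected, [VAULT]));
```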
Badger is a DAO (decentralized autonomous organization) that allows BTC to be employed as collateral across various decentralized finance (DeFi) applications.
Over the course of last year and the first half of this year, the estimated 1,000 BTC held as synthetic BTC derivatives on the Ethereum network swelled to more than 250,000 BTC as a direct result of the meteoric rise in DeFi's popularity. While DeFi first evolved on the Ethereum network, other blockchains such as Solana and Polkadot have grown in popularity and also serve as base platforms for many DeFi projects.
As a result of this rising adoption of DeFi, Badger was created to serve an evolving requirement for the use of BTC in DeFi applications on these varied blockchain networks. Its first product, Sett Vaults, enables users to earn a yield on their synthetic BTC assets. Digg, its second product, is software that handles the DIGG token, an elastic-supply digital currency pegged to the dollar price of BTC.
BADGER is an Ethereum-based token used for protocol governance and the distribution of rewards within the Badger DAO. Although BADGER initially only enabled holders to vote on the project's proposals, it has since grown in utility and is now used to distribute rewards to those who handle the Sett Vaults. A similar scam, known as the Poly Network hack, took place a few months ago.
The Bottom Line
In the recent BadgerDAO theft, hackers took $120 million, which is nearly Rs 899 crore. The hackers inserted a script into Badger's website, and that is how they gained access to the transactions. However, Badger had identified the threat before it was too late.