Someone siphoned assets from various bitcoin wallets linked to the decentralized financial website BadgerDAO on Wednesday night. The numerous tokens taken in the hack are worth around $120 million, according to Peckshield, a blockchain security and data analytics firm that is collaborating with Badger to investigate the crime.
While the investigation is still underway, Badger team members have advised consumers that they suspect the problem was caused by someone installing a malicious script into the UI of website. It would intercept Web3 transactions and inject a request to transfer the victim’s tokens to the attacker’s selected address for all users who interacted with the site while the script was running.
We can observe what happened when the attackers pounced since the transactions are visible. PeckShield pointed to one transfer that dragged 896 Bitcoin valued more than $50 million into the attacker’s hands. The malicious code first emerged on November 10th, according to the researchers, and the attackers executed it at seemingly random intervals to evade discovery.
Decentralized finance (or DeFi) systems use blockchain technology to enable crypto owners to do more traditional financial transactions, such as lending and earning interest. “Rest easy knowing you never have to give over the private keys for your crypto, you can withdraw whenever you want, and our strategists are working day and night to put your assets to work,” BadgerDAO offers users. Its protocol enables Bitcoin owners to “bridge” their money to the Ethereum platform via its token, allowing them to take advantage of DeFi possibilities that they would otherwise be unable to access.
See Also: Microsoft Windows 11 Test Build Has Enabled Start Menu Customization
Badger suspended all smart contracts, effectively freezing its platform, after becoming aware of the illicit transfers, and recommended users to deny all transactions to the attacker’s addresses.
Also Read: OPPO donates thousands of medical supplies to the General hospital
“We’ve recruited data forensics experts Chainalysis to uncover the entire scope of the issue,” the business announced Thursday night. “Authorities in both the US and Canada have been informed, and Badger is working completely with external investigations as well as progressing with its own.”