Unknown persons stole funds from several cryptocurrency wallets connected to the BadgerDAO decentralized financial platform. The amount stolen is about $ 120 million.

According to Peckshield blockchain security and data analyst, which works with Badger to investigate the robbery, the attack was made possible by the fact that on November 10, someone inserted a malicious script into the user interface your website. For users who interacted with the site, when the script was active, it intercepted Web3 transactions and inserted a request to transfer the victim's tokens to the attacker's chosen address.

PeckShield points to one transfer, as a result of which hackers received 896 bitcoins on more than $ 50 million.

As soon as Badger learned of the unauthorized transfers, it suspended all smart contracts, effectively freezing the platform.

The company hired data forensics experts from Chainalysis to investigate the scale of the incident, and also notified the US and Canadian authorities of the incident.

Badger is investigating how a hacker gained access to Cloudflare through an API key that was supposed to be protected by two-factor authentication. Although the attack did not reveal specific flaws in the Blockchain technology itself, the attacker managed to exploit the old "web 2.0" technology.

It is not yet reported whether the affected users will be able to return their funds.

On August 10, a hacker hacked the Poly Network protocol and stole $ 611 million from the project. would like to return the stolen. It was the largest theft in the history of decentralized financial services. Later, the developers invited the hacker to become an advisor to the project. He apologized for his behavior and returned the money.

bbabo.Net