Badger DAO falls prey to DeFi exploit, losses estimated at $10 million
Badger DAO, a Bitcoin-focused DeFi platform, has been allegedly exploited. The platform tweeted earlier today that it received reports of “unauthorized withdrawals of user funds.” It stated,
“Our investigation is ongoing and we will release further information as soon as possible.”
Meanwhile, Badger confirmed that the engineers have halted all smart contracts to prevent further withdrawals. Having said that, blockchain security and data analytics company PeckShield Inc. released a list of funds that were transferred out from victims’ wallets.
Here is the list of funds that were so far transferred out from victims @BadgerDAO pic.twitter.com/P5pOj1YQ2l
— PeckShield Inc. (@peckshield) December 2, 2021
With that, some early estimates mapped the losses to be around $10 million. However, the stolen amount may have easily exceeded that figure with one user reportedly losing 900 BTC, which will be worth over $50 million at the time of writing.
Badger core contributor Tritium stated on Discord,
“It looks like a bunch of users had approvals set for the exploit address allowing [the address] to operate on their vault funds and that was exploited.”
Meanwhile, another user speculated that stealing has been happening for the last 12 days.
https://t.co/lZwmUpbgg0 front end/dns was hacked.
User is sneaking in approvals in between legit deposit and reward transactions. He has been stealing funds for approx 12 days so far. Exploit is still live.
short $BADGER to namek
🚨 insider rug alert 🚨 🧸🎯
— napgener CASCADOOOOOR (@napgener) December 2, 2021
At press time, Badger DAO’s BADGER token was down over 16% in the last 24 hours, priced at $22.50.
Yes, the DeFi ecosystem witnessed a lot of hacks. According to data from The Block, the chart shows over $600 million worth of stolen funds from DeFi projects as of November this year.
However, data also suggests that most of the stolen funds were returned in the month of August. Just this week, MonoX Finance also confirmed that a hacker had exploited the liquidity platform by using MONO tokens to purchase all the other assets in the pool. The reported loss is around $31 million on Ethereum and Polygon chains.
Meanwhile, exploits suffered by the likes of Cream Finance and theft on Compound remain two of the largest DeFi exploits, as per The Block’s database.