Friday, December 3rd 2021

BadgerDAO Sees $120 Million Crypto Heist via Cloudflare Hack

BadgerDAO, "one of the most security-minded DAOs in operation", has been hit with a cryptocurrency heist enabled via a JavaScript hack on its website. BadgerDAO enables Bitcoin holders to "bridge" their cryptocurrency over to the smart-contract and DeFi-enabled Ethereum platform via its token, thus allowing access to the world of decentralized finance. After preliminary investigations aided by blockchain security and data analytics firm Peckshield, it seems that the bad actors inserted a malicious script in the BadgerDAO website - in turn intercepting Web 3.0 transactions and inserting a request to transfer the victim's tokens to the attacker's chosen address. It's currently estimated that around $120 million was siphoned off via this attack. A single transfer saw 896 Bitcoin being diverted this way - a cool $50 million.

As soon as BadgerDAO became aware of suspect wallet activity, the company immediately froze all smart contracts running on its platform - a way to stem the bleeding until the security audit could be conducted. On Thursday night, BadgerDAO announced it had "retained data forensics experts Chainalysis to explore the full scale of the incident & authorities in both the US & Canada have been informed & Badger is cooperating fully with external investigations as well as proceeding with its own."
According to BadgerDAO, the attacker managed to access the Cloudflare API used by the company without triggering the two-factor authentication protection that should have been enabled. Of course, two-factor (or multi-factor) authentication can be, and has been, subverted before; there have been multiple instances of phishing attempts that manage to capture 2FA keys as well, and there are even toolkits available that automate the entire process. While it's still one of the most cost-effective ways to increase access security whenever credentials are involved, like every security measure, it requires attentive user interactions. As cryptocurrencies' mainstream attraction and adoption increase, so too will the upside of pulling off these hacking stunts; and so too are heists expected to increase in frequency - and scale.
Sources: The Verge, BadgerDAO @ Twitter, Peckshield @ Twitter
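
Added example (not from BadgerDAO, Peckshield or the article): because the script was inserted at the CDN layer, the origin build stays clean while visitors receive something else, so one defensive check is to compare the scripts in the page as served with a manifest recorded at release time. The file names, the example.invalid URL and the sample pages are constructed for illustration.

```javascript
const { createHash } = require('crypto');

// List every <script> element: external ones by src, inline ones by a
// CSP-style SHA-256 digest. Regex parsing is enough for this constructed
// sample; a production monitor should use a real HTML parser.
function listScripts(html) {
  const found = [];
  const re = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    const src = /\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i.exec(m[1]);
    if (src) {
      found.push({ kind: 'external', id: src[1] ?? src[2] ?? src[3] });
    } else {
      const digest = createHash('sha256').update(m[2], 'utf8').digest('base64');
      found.push({ kind: 'inline', id: 'sha256-' + digest });
    }
  }
  return found;
}

// Manifest recorded at release time from the HTML the build produced.
function buildManifest(originHtml) {
  return new Set(listScripts(originHtml).map((s) => s.id));
}

// Scripts the visitor receives that the release never contained.
function unexpectedScripts(servedHtml, manifest) {
  return listScripts(servedHtml).filter((s) => !manifest.has(s.id));
}

// Constructed sample: what the build produced ...
const ORIGIN_HTML = `<html><head>
<script src="/static/app.3f9a.js"></script>
<script>window.APP_ENV = "prod";</script>
</head><body></body></html>`;

// ... and what the edge returned, with one script added in transit.
const SERVED_HTML = ORIGIN_HTML.replace(
  '</head>',
  '<script src="https://cdn.example.invalid/extra.js"></script>\n</head>'
);

function demo() {
  return unexpectedScripts(SERVED_HTML, buildManifest(ORIGIN_HTML));
}

console.log(demo());
```

Run from outside the hosting account on a schedule, a non-empty result is an alert condition; a changed inline script is reported the same way because its digest no longer matches the manifest.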

34 Comments on BadgerDAO Sees $120 Million Crypto Heist via Cloudflare Hack

#1
Chomiq
Lol, as if authorities will do anything about it.
#2
Caring1
Hopefully the funds can be returned and the bad guys caught.
#3
londiste
> Chomiq: Lol, as if authorities will do anything about it.
Technically, are ETH/BTC anything like currency or financial instrument yet? If not, this would probably end up as a civil case which is quite a lot less likely to go anywhere... :)
#4
Vya Domus
> Chomiq: Lol, as if authorities will do anything about it.
Even if they do it will probably go nowhere. Done right you can launder the money with zero chances of ever being traced again, then some time later, somewhere a "lucky" individual will sell an NFT for a couple of million and that will be the end of it.
#5
Chomiq
> londiste: Technically, are ETH/BTC anything like currency or financial instrument yet? If not, this would probably end up as a civil case which is quite a lot less likely to go anywhere... :)
It's monopoly money.
#6
R0H1T
> londiste: Technically, are ETH/BTC anything like currency or financial instrument yet? If not, this would probably end up as a civil case which is quite a lot less likely to go anywhere... :)
Probably anywhere except the US, in civil cases you can easily lose your proverbial pants.
#7
InVasMani
Some hacker landed on boardwalk honey badger don't care...
#8
TheUn4seen
> Chomiq: It's monopoly money.
Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.
#9
Chomiq
> TheUn4seen: Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
> Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.
Please remind me what would be the transaction fee if I wanted to buy a loaf of bread with bitcoin?
And don't even mention inflation when BTC can jump 10% within a day.
#10
TheUn4seen
> Chomiq: Please remind me what would be the transaction fee if I wanted to buy a loaf of bread with bitcoin?
> And don't even mention inflation when BTC can jump 10% within a day.
In the exchange I use total fees come to around 1.5% for Ethereum to fiat exchange. The thing is, with Ethereum I earned 12.76% in the last month just by having it in my wallet. With fiat, I lost almost half a percent to inflation.
Cryptocurrencies tend to be deflationary, fiat is always inflationary.
#11
InVasMani
Cryptocurrency gets exchanged for fiat currency. Really all it's doing is serving to collapse fiat currencies effectively. Who stands to gain from that I wonder!?
#12
R0H1T
> TheUn4seen: With fiat, I lost almost half a percent to inflation.
Except none of the "crypto currencies" are comparable to regular fiat, even if they claim otherwise! You could easily get much higher returns if you invested in certain (good) stocks & the chances of that company going kaput are negligible as compared to anything crypto including BTC.
#13
holyprof
As someone wise posted on a forum I've read:
"I'm going crypto to free me from government shackles and avoid paying taxes!"
Then one day, crypto is stolen.
"Government, please help me!"
#14
noel_fs
> TheUn4seen: In the exchange I use total fees come to around 1.5% for Ethereum to fiat exchange. The thing is, with Ethereum I earned 12.76% in the last month just by having it in my wallet. With fiat, I lost almost half a percent to inflation.
> Cryptocurrencies tend to be deflationary, fiat is always inflationary.
You might as well lose 50% tomorrow, some people really don't understand how most crypto works.
#15
Yraggul666
This demands celebration, I'll have vodka tonic tonight. Cheers!
#16
mashie
Ah well, nothing of value was lost. ;)
#17
Vya Domus
> holyprof: As someone wise posted on a forum I've read:
> "I'm going crypto to free me from government shackles and avoid paying taxes!"
> Then one day, crypto is stolen.
> "Government, please help me!"
Technically crypto itself is pretty safe and can't really be stolen easily, it's these layers built on top of them that are the weak spot.

To be fair the government fails to protect most people from regular financial scams, so I don't expect anything from them.
#18
demian_vi
> TheUn4seen: Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
> Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.
So much passion defending monopoly money over PLN, wccftech is looking for you.
#19
Wirko
> Chomiq: Please remind me what would be the transaction fee if I wanted to buy a loaf of bread with bitcoin?
> And don't even mention inflation when BTC can jump 10% within a day.
♛ Keep calm and buy on dips, then sell on rallies. It's so easy.
#20
b4psm4m
> Chomiq: It's monopoly money.
Could be worse, could be the USD - the US is 2 weeks from hitting its debt ceiling, this dance between the political parties will be resolved before that no doubt, but it doesn't change the fact that the currency is not the rock of stability it once was. 25% of all USD was printed in 2020. Chase bank is offering < 0.1% interest.

BTC has a capped supply, it is a deflationary asset; ETH has a predictable supply. ETH is much more than a currency/store of value.

The USD is an inflationary asset on the verge of hyperinflation. If the USD was a cryptocurrency, it would be the biggest shit coin of them all. It's tied to NOTHING, literally nothing - it is literally monopoly money.
#21
timta2
> b4psm4m: Could be worse, could be the USD - the US is 2 weeks from hitting its debt ceiling, this dance between the political parties will be resolved before that no doubt, but it doesn't change the fact that the currency is not the rock of stability it once was. 25% of all USD was printed in 2020. Chase bank is offering < 0.1% interest.
>
> BTC has a capped supply, it is a deflationary asset; ETH has a predictable supply. ETH is much more than a currency/store of value.
>
> The USD is an inflationary asset on the verge of hyperinflation. If the USD was a cryptocurrency, it would be the biggest shit coin of them all. It's tied to NOTHING, literally nothing - it is literally monopoly money.
Keep telling yourself that, as long as it makes you feel better. We know who's going to have the last laugh, when that scam collapses.
#22
R0H1T
> Vya Domus: Technically crypto itself is pretty safe and can't really be stolen easily, it's these layers built on top of them that are the weak spot.
So is cash i.e. fiat, safer than anything else you might argue.
#23
MarsM4N
> TheUn4seen: Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
> Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.
Exactly. :) But you can not blame the average Joe for it.

The money system is so complex that even experts do not understand it. And it's designed that way for that reason. We have financial experts studying for years, being trained to play the "money game", but they aren't taught what money actually is. But with the out of control inflation devaluating people's savings & money scandals after another (cherry on the cake was the CumEx Trading Scheme, where they stole more than 60 billion tax payer money), more people start asking questions.

Our financial system is doomed anyway. If our central banks wouldn't flood the market with cash created out of thin air, the system would have collapsed decades ago. And since it's designed to be globally interconnected, there is no government able to change anything without getting isolated from the global market. Or if they try their country will get bombed to ashes, see Muammar al-Gaddafi.

Crypto currencies could be a way out, but it also has a lot of flaws. Huge energy waste, Bitcoin exchanges aren't as safe as bank transfers yet, you can not sustain the social system etc. without taxing somehow, Bitcoins get lost day by day, and Bitcoin has no stable course. Just a tweet from Elon Musk creates market shaking turbulences. And not to forget that Bitcoin is mostly used for money laundering & illegal activities.

And we don't even know who programmed Bitcoin. There are so many names thrown around, but it could be anyone. Whoever did it is now most likely the richest dude on the planet, so rich that Jeff Bezos would be his boot licker. Heck, I wouldn't even be surprised if Bitcoin was programmed by the NSA so they can stock up cash for their black budget for illegal activities. Way less risk & way more profits than the Barry Seal operation. And no traces.
#24
b4psm4m
> timta2: Keep telling yourself that, as long as it makes you feel better. We know who's going to have the last laugh, when that scam collapses.
Bitcoin has gone from < $1 to ~$50,000 in 12 years. In the same timeframe the USD has lost 30% of its buying power...nice. This has nothing to do with crypto - this is just a fact, the USD in your bank account likely earns less interest than the rate of inflation - so you're actually losing wealth as we speak.

Remind me (other than thin air) what the USD is tied to again?
> MarsM4N: And not to forget that Bitcoin is mostly used for money laundering & illegal activities.
Roughly 3% of BTC transactions are estimated to be used for illegal activity. BTC is terrible for illegal transactions as it has a public ledger. Monero might be a different story.

The real criminals are the banks. JP Morgan Chase alone: violationtracker.goodjobsfirst.org/parent/jpmorgan-chase
#25
R-T-B
> b4psm4m: Remind me (other than thin air) what the USD is tied to again?
The US economy.
> R0H1T: So is cash i.e. fiat, safer than anything else you might argue.
It's a lot easier to steal cash in a mattress than hack a bitcoin public address. It's absolutely the 3rd party layers at fault.