• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

BadgerDAO Sees $120 Million Crypto Heist via Cloudflare Hack

Raevenlord

News Editor
Joined
Aug 12, 2016
Messages
3,755 (1.63/day)
Location
Portugal
System Name The Ryzening
Processor AMD Ryzen 9 5900X
Motherboard MSI X570 MAG TOMAHAWK
Cooling Lian Li Galahad 360mm AIO
Memory 32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s) Gigabyte RTX 3070 Ti
Storage Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s) Acer Nitro VG270UP (1440p 144 Hz IPS)
Case Lian Li O11DX Dynamic White
Audio Device(s) iFi Audio Zen DAC
Power Supply Seasonic Focus+ 750 W
Mouse Cooler Master Masterkeys Lite L
Keyboard Cooler Master Masterkeys Lite L
Software Windows 10 x64
BadgerDAO, "one of the most security-minded DAOs in operation", has been hit with a cryptocurrency heist enabled via a JavaScript hack on their website. BadgerDAO enables Bitcoin holders to "bridge" their cryptocurrency over to the smart-contract and DeFi-enabled Ethereum platform via its token, thus allowing access to the world of decentralized finance. After preliminary investigations aided by blockchain security and data analytics Peckshield, it seems that the bad actors inserted a malicious script in the BadgerDAO website - in turn intercepting Web 3.0 transactions and inserting a request to transfer the victim's tokens to the attacker's chosen address. It's currently estimated that around $120 million were siphoned off via this attack. A single transfer saw 896 Bitcoin being diverted this way - a cool $50 million.

As soon as BadgerDAO became aware of suspect wallet activity, the company immediately froze all smart contracts running in its platform - a way to stem the bleeding until the security audit could be conducted. Thursday night, BadgerDAO announced it had "retained data forensics experts Chainalysis to explore the full scale of the incident & authorities in both the US & Canada have been informed & Badger is cooperating fully with external investigations as well as proceeding with its own."





According to BadgerDAO, the attacker managed to access the Cloudflare API used by the company without triggering the two-factor authentication protection that should have been enabled. Of course, two-factor (or multi-factor) authentication can and has been subverted before; there have been multiple instances of phishing attempts that manage to cross the bridge over to 2FA keys, and there are even toolkits available that automate the entire process. While it's still one of the most cost-effective ways to increase security access whenever credentials are involved, like every security measure, it requires attentive user interactions. As cryptocurrencies' mainstream attraction and adoption increases, so too will the upside of pulling of these hacking stunts; and so too are heists expected to increase in frequency - and scale.

View at TechPowerUp Main Site
 
Joined
Feb 23, 2019
Messages
4,532 (3.29/day)
Location
Poland
Processor Ryzen 7 5800X
Motherboard Gigabyte X570 Aorus Elite
Cooling BeQuiet Dark Rock 4
Memory 2x16 GB Crucial Ballistix 3600 CL16 Rev E @ 3800 CL16
Video Card(s) RTX3080 Ti FE
Storage SX8200 Pro 1 TB, Plextor M6Pro 256 GB, WD Blue 2TB
Display(s) Acer XB273GP
Case SilverStone Primera PM01 RGB
Audio Device(s) SoundBlaster G6 | Fidelio X2 | Sennheiser 6XX
Power Supply SeaSonic Focus Plus Gold 750W
Mouse Logitech G400 | SteelSeries Rival 300
Keyboard MK Typist (Kailh Box White)
Lol, as if authorities will do anything about it.
 
Joined
Oct 22, 2014
Messages
13,208 (4.46/day)
Location
Sunshine Coast
System Name Black Box
Processor Intel Xeon E3-1260L v5
Motherboard MSI E3 KRAIT Gaming v5
Cooling Tt tower + 120mm Tt fan
Memory G.Skill 16GB 3600 C18
Video Card(s) Asus GTX 970 Mini
Storage Kingston A2000 512Gb NVME
Display(s) AOC 24" Freesync 1m.s. 75Hz
Case Corsair 450D High Air Flow.
Audio Device(s) No need.
Power Supply FSP Aurum 650W
Mouse Yes
Keyboard Of course
Software W10 Pro 64 bit
Hopefully the funds can be returned and the bad guys caught.
 
Joined
Feb 3, 2017
Messages
3,320 (1.56/day)
Processor R5 5600X
Motherboard ASUS ROG STRIX B550-I GAMING
Cooling Alpenföhn Black Ridge
Memory 2*16GB DDR4-2666 VLP @3800
Video Card(s) EVGA Geforce RTX 3080 XC3
Storage 1TB Samsung 970 Pro, 2TB Intel 660p
Display(s) ASUS PG279Q, Eizo EV2736W
Case Dan Cases A4-SFX
Power Supply Corsair SF600
Mouse Corsair Ironclaw Wireless RGB
Keyboard Corsair K60
VR HMD HTC Vive
Lol, as if authorities will do anything about it.
Technically, are ETH/BTC anything like currency or financial instrument yet? If not, this would probably end up as civil case which is quite a lot less likely to go anywhere... :)
 
Joined
Jan 8, 2017
Messages
7,208 (3.35/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Deepcool Gammaxx L240 V2
Memory 16GB - Corsair Vengeance LPX - 3333 Mhz CL16
Video Card(s) OEM Dell GTX 1080 with Kraken G12 + Water 3.0 Performer C
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Deepcool Matrexx 70
Power Supply GPS-750C
Lol, as if authorities will do anything about it.

Even if they do it will probably go nowhere. Done right you can launder the money with zero chances of ever being traced again, then some time later, somewhere a "lucky" individual will sell an NFT for a couple of million and that will be the end of it.
 
Joined
Feb 23, 2019
Messages
4,532 (3.29/day)
Location
Poland
Processor Ryzen 7 5800X
Motherboard Gigabyte X570 Aorus Elite
Cooling BeQuiet Dark Rock 4
Memory 2x16 GB Crucial Ballistix 3600 CL16 Rev E @ 3800 CL16
Video Card(s) RTX3080 Ti FE
Storage SX8200 Pro 1 TB, Plextor M6Pro 256 GB, WD Blue 2TB
Display(s) Acer XB273GP
Case SilverStone Primera PM01 RGB
Audio Device(s) SoundBlaster G6 | Fidelio X2 | Sennheiser 6XX
Power Supply SeaSonic Focus Plus Gold 750W
Mouse Logitech G400 | SteelSeries Rival 300
Keyboard MK Typist (Kailh Box White)
Technically, are ETH/BTC anything like currency or financial instrument yet? If not, this would probably end up as civil case which is quite a lot less likely to go anywhere... :)
It's monopoly money.
 
Joined
Apr 12, 2013
Messages
5,428 (1.54/day)
Technically, are ETH/BTC anything like currency or financial instrument yet? If not, this would probably end up as civil case which is quite a lot less likely to go anywhere... :)
Probably anywhere except the US, in civil cases you can easily lose your proverbial pants.
 
Joined
Mar 20, 2019
Messages
556 (0.41/day)
Processor 9600k
Motherboard MSI Z390I Gaming EDGE AC
Cooling Scythe Mugen 5
Memory 32GB of G.Skill Ripjaws V 3600MHz CL16
Video Card(s) MSI 3080 Ventus OC
Storage 2x Intel 660p 1TB
Display(s) Acer CG437KP
Case Streacom BC1 mini
Audio Device(s) Topping MX3
Power Supply Corsair RM750
Mouse R.A.T. DWS
Keyboard HAVIT KB487L / AKKO 3098 / Logitech G19
VR HMD HTC Vive
Benchmark Scores What's a "benchmark"?
It's monopoly money.
Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.
 
Joined
Feb 23, 2019
Messages
4,532 (3.29/day)
Location
Poland
Processor Ryzen 7 5800X
Motherboard Gigabyte X570 Aorus Elite
Cooling BeQuiet Dark Rock 4
Memory 2x16 GB Crucial Ballistix 3600 CL16 Rev E @ 3800 CL16
Video Card(s) RTX3080 Ti FE
Storage SX8200 Pro 1 TB, Plextor M6Pro 256 GB, WD Blue 2TB
Display(s) Acer XB273GP
Case SilverStone Primera PM01 RGB
Audio Device(s) SoundBlaster G6 | Fidelio X2 | Sennheiser 6XX
Power Supply SeaSonic Focus Plus Gold 750W
Mouse Logitech G400 | SteelSeries Rival 300
Keyboard MK Typist (Kailh Box White)
Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.
Please remind me what would be transaction fee if I wanted to buy a loaf of bread with bitcoin?
And don't even mention inflation when BTC can jump 10% within a day.
 
Last edited:
Joined
Mar 20, 2019
Messages
556 (0.41/day)
Processor 9600k
Motherboard MSI Z390I Gaming EDGE AC
Cooling Scythe Mugen 5
Memory 32GB of G.Skill Ripjaws V 3600MHz CL16
Video Card(s) MSI 3080 Ventus OC
Storage 2x Intel 660p 1TB
Display(s) Acer CG437KP
Case Streacom BC1 mini
Audio Device(s) Topping MX3
Power Supply Corsair RM750
Mouse R.A.T. DWS
Keyboard HAVIT KB487L / AKKO 3098 / Logitech G19
VR HMD HTC Vive
Benchmark Scores What's a "benchmark"?
Please remind me what would be transaction fee if I wanted to buy a loaf of bread with bitcoin?
And don't even mention inflation when BTC can jump 10% within a day.
In the exchange I use total fees come to around 1.5% for Ethereum to fiat exchange. The thing is, with Ethereum I earned 12.76% in the last month just by having it in my wallet. With fiat, I lost almost half a percent to inflation.
Cryptocurrencies tend to be deflationary, fiat is always inflationary
 
Joined
Mar 21, 2016
Messages
1,769 (0.72/day)
Cryptocurrency gets exchanged for fiat currency. Really all it's doing is serving to collapse fiat currencies effectively. Who stands to gain from that I wonder!?
 
Joined
Apr 12, 2013
Messages
5,428 (1.54/day)
With fiat, I lost almost half a percent to inflation.
Except none of the "crypto currencies" are comparable to regular fiat, even if they claim otherwise! You could easily get much higher returns if you invested in certain (good) stocks & the chances of that company going kaput are negligible as compared to anything crypto including BTC.
 
Joined
Jan 30, 2018
Messages
199 (0.11/day)
System Name Dreamstation2
Processor Ryzen 7 3700X
Motherboard MSI X470 Gaming Plus
Cooling Hyper 212 Black Edition
Memory Kingston HyperX 32GB DDR4 3200 CL16
Video Card(s) EVGA GTX1080 Hybrid
Storage 2 x 1TB M.2 NVME + 1TB 2.5" SSD
Display(s) 24" IPS 2560x1440
Case NZXT H500i
Audio Device(s) Asus Xonar U3 / Audio-Technica ATH-M50x / Edifier R1855DB
Power Supply Corsair TX650M
Mouse Corsair Scimitar Pro RGB
Keyboard Cooler Master Masterkeys Lite L
As someone wise posted on a forum I've read:
"I'm going crypto to free me from government shackles and avoid paying taxes!"
Then one day, crypto is stolen.
"Government, please help me!"
 
Joined
May 31, 2017
Messages
344 (0.17/day)
Processor i7-4790k 4.6Ghz
Motherboard MSI Z97 Gaming 7
Cooling Thermalright HR-02
Memory G.Skill 2400Mhz @ C10
Video Card(s) Sapphire Pulse RX 6800
Storage 36TB
Display(s) QN90A
Audio Device(s) Khadas Tone Pro 2
Power Supply Super Flower Golden Green HX 550W
Mouse Roccat Burst
Keyboard Otemu Brown
Software W10 22H2
In the exchange I use total fees come to around 1.5% for Ethereum to fiat exchange. The thing is, with Ethereum I earned 12.76% in the last month just by having it in my wallet. With fiat, I lost almost half a percent to inflation.
Cryptocurrencies tend to be deflationary, fiat is always inflationary
you might as well lose 50% tomorrow, some people really dont understand how most crypto work.
 
Joined
Nov 5, 2019
Messages
106 (0.09/day)
Location
Romania
System Name HELL->o!
Processor Ryzen 7 5800X3D
Motherboard MSI MEG X570S Ace Max
Cooling NH-D15 Chromax Black
Memory 2x16GB G.Skill RipjawsV 3600CL14 [14-14-14-34]@1.456V
Video Card(s) 6800 XT Red Devil
Storage 3x M.2; 3x Sata SSD
Display(s) MSI Optix MAG274QRF-QD&Asus VG248QE
Case Fractal Design Torrent
Audio Device(s) Edifier R2850DB; Edifier G7
Power Supply Seasonic Prime TX-1000
Mouse Redragon M711 FPS
Keyboard ReDragon Broadsword
Software Win10 Pro 64
Benchmark Scores No
This demands celebration, i'll have vodka tonic tonight. Cheers!
 
Joined
Oct 15, 2004
Messages
145 (0.02/day)
Location
Peterborough, UK
System Name IONE
Processor AMD Ryzen 9 5900X
Motherboard ASUS STRIX B550-A Gaming
Cooling Noctua NH-U12S SE-AM4
Memory 128GB (4x32GB) Corsair DDR4 Vengeance LPX Black, PC4-25600 (3200), CMK128GX4M4E3200C16
Video Card(s) PNY GeForce RTX 3080 12GB
Storage Samsung 980 1TB NVMe (system), WD Black 1TB NVMe (temp), 14x Seagate IronWolf 10TB (RAID6 storage)
Display(s) Dell UP3017
Case Lian-Li PC-777B
Audio Device(s) Blue Sadie headphones
Power Supply Corsair AX1200
Mouse Logitech M510
Keyboard Microsoft Ergonomic
Software Xubuntu 22.04
Benchmark Scores N/A
Ah well, nothing of value was lost. ;)
 
Joined
Jan 8, 2017
Messages
7,208 (3.35/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Deepcool Gammaxx L240 V2
Memory 16GB - Corsair Vengeance LPX - 3333 Mhz CL16
Video Card(s) OEM Dell GTX 1080 with Kraken G12 + Water 3.0 Performer C
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Deepcool Matrexx 70
Power Supply GPS-750C
As someone wise posted on a forum I've read:
"I'm going crypto to free me from government shackles and avoid paying taxes!"
Then one day, crypto is stolen.
"Government, please help me!"

Technically crypto itself is pretty safe and can't really be stolen easily, it's these layers built on top of them that are the weak spot.

To be fair the government fails to protect most people from regular financial scams, so I don't expect anything from them.
 
Joined
May 27, 2019
Messages
137 (0.11/day)
Location
Greece
System Name Odyssey
Processor AMD Ryzen 7 3700x
Motherboard MSI MEG X570 UNIFY
Cooling EKWB EK-MLC Phoenix 240
Memory Crucial Ballistix Sport AT 3200MHz 32GB
Video Card(s) Sapphire Pulse RX 5700XT 8 GB
Storage ADATA XPG SX8200 Pro 1TBx2
Display(s) LG 32GK850F-B
Case Phanteks Enthoo Pro M Tempered Glass
Power Supply SeaSonic PRIME 650W Gold
Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.
so much passion defending monopoly money over PLN wccftech is looking for you
 
Joined
Jan 3, 2021
Messages
1,188 (1.70/day)
Location
Slovenia
Processor i5-6600K
Motherboard Asus Z170A
Cooling some cheap Cooler Master
Memory 16GB DDR4-2400
Video Card(s) IGP
Storage Samsung 850 EVO 250GB
Display(s) 2x Oldell 24" 1920x1200
Case Bitfenix Nova white windowless
Audio Device(s) E-mu 1212m PCI
Power Supply Seasonic G-360
Mouse Logitech Marble trackball, never had a mouse
Keyboard Key Tronic KT2000, no Win key because 1994
Software Oldwin
Please remind me what would be transaction fee if I wanted to buy a loaf of bread with bitcoin?
And don't even mention inflation when BTC can jump 10% within a day.
♛ Keep calm and buy on dips, then sell on rallies. It's so easy.
 
Joined
Jun 7, 2019
Messages
44 (0.03/day)
It's monopoly money.

Could be worse, could be the USD - the US is 2 weeks from hitting its debt ceiling, this dance between the political parties will be resolved before that no doubt, but it doesn't change the fact that the currency is not the rock of stability it once was. 25% of all USD was printed in 2020. Chase bank is offering < 0.1% interest.

BTC has a capped supply, it is a deflationary asset; ETH has a predictable supply. ETH is much more than a currency/store of value.

The USD is an inflationary asset on the verge of hyperinflation. If the USD was a cryptocurrency, it would be the biggest shit coin of them all. It's tied to NOTHING, literally nothing - it is literally monopoly money.
 
Joined
Jan 16, 2008
Messages
1,336 (0.25/day)
Location
Milwaukee, Wisconsin, USA
Processor i7-3770K
Motherboard Biostar Hi-Fi Z77
Cooling Swiftech H20 (w/Custom External Rad Enclosure)
Memory 16GB DDR3-2400Mhz
Video Card(s) Alienware GTX 1070
Storage 1TB Samsung 850 EVO
Display(s) 32" LG 1440p
Case Cooler Master 690 (w/Mods)
Audio Device(s) Creative X-Fi Titanium
Power Supply Corsair 750-TX
Mouse Logitech G5
Keyboard G. Skill Mechanical
Software Windows 10 (X64)
Could be worse, could be the USD - the US is 2 weeks from hitting its debt ceiling, this dance between the political parties will be resolved before that no doubt, but it doesn't change the fact that the currency is not the rock of stability it once was. 25% of all USD was printed in 2020. Chase bank is offering < 0.1% interest.

BTC has a capped supply, it is a deflationary asset; ETH has a predictable supply. ETH is much more than a currency/store of value.

The USD is an inflationary asset on the verge of hyperinflation. If the USD was a cryptocurrency, it would be the biggest shit coin of them all. It's tied to NOTHING, literally nothing - it is literally monopoly money.
Keep telling yourself that, as long as it makes you feel better. We know who's going to have the last laugh, when that scam collapses.
 
Joined
Apr 12, 2013
Messages
5,428 (1.54/day)
Technically crypto itself is pretty safe and can't really be stolen easily, it's these layers built on top of them that are the weak spot.
So is cash i.e. fiat, safer than any thing else you might argue.
 
Joined
Apr 6, 2021
Messages
584 (0.97/day)
Location
Bavaria ⌬ Germany
System Name ✨ Lenovo M700 [Tiny]
Cooling ⚠️ 78,08% N² ⌬ 20,95% O² ⌬ 0,93% Ar ⌬ 0,04% CO²
Audio Device(s) ◐◑ AKG K702 ⌬ FiiO E10K Olympus 2
Mouse ✌️ Corsair M65 RGB Elite [Black] ⌬ Endgame Gear MPC-890 Cordura
Keyboard ⌨ Turtle Beach Impact 500
Your profile says you're from Poland. Hate to break it to you, PLN is more of a Monopoly money, even worse with very poor government management and highest inflation in something like two decades. As is all fiat money by definition, in Monopoly money is worth whatever the manufacturer says it is - and, at least, there is no crippling inflation -, fiat money is just silly papers worth whatever old farts in the government say it's worth. If the farts have dementia and get overwhelmed by greed you get your million Venezuelan Bolivar meal.
Enjoy your 50PLN loaf of bread in Q3 2022. Ah, the joy of fiat funnymoney.

Exactly. :) But you can not blame the average Joe for it.

The money system is so complex that even experts do not understand it. And it's designed that way for that reason. We have financial experts studying for years, beeing trained to play the "money game", but they aren't teached what money actually is. But with the out of control inflation devaluating peoples savings & money scandals after another (cherry on the cake was the CumEx Trading Sheme, where they stole more than 60billion tax payer money), more people start asking questions.

Our financial system is doomed anyway. If our central banks wouldn't flood the market with cash created out of thin air, the system would have collapsed decades ago. And since it's designed to be globally interconnected, there is no governement able to change anything without getting isolated from the global market. Or if they try their country will get bombed to ashes, see Muammar al-Gaddafi.


Crypo currencies could be a way out, but it also has a lot of flaws. Huge energy waste, Bitcoin exchanges aren't as safe as bank transfers yet, you can not sustain the social system etc. without taxing somehow, Bitcoins get lost day by day, and Bitcoin has no stable course. Just a tweet from Elon Musk creates market shaking turbulences. And not to forget that Bitcoin is mostly used for money laundering & illegal activities.

And we don't even know who programmed Bitcoin. There are so many names thrown around, but it could be anyone. Whoever did it is now most likely the richest dude on the planet, so rich that Jeff Bezos would be his boot licker. Heck, I wouldn't even be surprised if Bitcoin was programmed by the NSA so they can stock up cash for their black budget for illegal activities. Way less risk & way more profits than the Barry Seal operation. And no traces.
 
Joined
Jun 7, 2019
Messages
44 (0.03/day)
Keep telling yourself that, as long as it makes you feel better. We know who's going to have the last laugh, when that scam collapses.

Bitcoin has gone from < $1 to ~$50,000 in 12 years. In the same timeframe the USD has lost 30% of its buying power...nice. This has nothing to do with crypto - this is just a fact, the USD in your bank account likely earns less interest than the rate of inflation - so you're actually losing wealth as we speak.

Remind me (other than thin air) what the USD is tied to again?

And not to forget that Bitcoin is mostly used for money laundering & illegal activities.

Roughly 3% of BTC transactions are estimated to be used for illegal activity. BTC is terrible for illegal transactions as it has a public ledger. Monero might be a different story.

The real criminals are the banks. JP Morgan Chase alone: https://violationtracker.goodjobsfirst.org/parent/jpmorgan-chase
 
Top