BadgerDAO explains in detail how it was hacked for $120 million

BadgerDAO has explained in detail how it was hacked for $120 million, saying that an application platform running in the cloud was the conduit for the attack, as we look at further in today's crypto news.

In a post on its website, the BadgerDAO DeFi platform explains in detail how it was exploited for $120 million. It states that the theft was caused by malicious code injected through Cloudflare, an application platform that runs on the cloud network and that Badger uses. The hacker used a compromised API key, created without the knowledge or permission of Badger engineers, to deliver malicious code aimed at a specific group of customers.

The hackers stole $130 million, but about 9 million of it can be returned because the hacker transferred those funds without withdrawing them from Badger's vault. Badger has since fixed the Cloudflare exploit by updating the passwords for its Cloudflare accounts and removing API keys where possible. Badger has hired cybersecurity firm Mandiant and blockchain analysis firm Chainalysis to investigate the exploit, and is working with corporations and government agencies in Canada and the US to recover funds where possible.

As recently reported, online data shows that the biggest victim of the hack was a wallet from C Community, a well-known cryptocurrency lending company. The cryptocurrency lending company appears to have been hit hard by the attack, with the Celsius Network losing $50 million in bitcoin. The reports show how hackers stole nearly $120 million from BadgerDAO, a decentralized autonomous organization that allows users to deposit bitcoin as collateral for DeFi apps.

The attacker compromised the DAO's user interface, and the team is currently investigating the exploit with the help of blockchain forensics experts from Chainalysis. Some users complained that they received unusual requests for additional permissions on their accounts, which indicates that the attackers were able to add a script to the user interface that tricked users into giving the hackers access to their wallets and letting them withdraw the funds. BadgerDAO engineers have suspended all smart contracts to prevent further withdrawals, while Chainalysis analysts continue to investigate the incident. The amount stolen was estimated at $100 million, but according to the latest figures, the total damage is as high as $120 million.