FacebookTwitterLinkedInTelegramCopy LinkEmail
Crime and Investigations

Hacker Drains $115 Million From DeFi Protocol BadgerDAO

Hacker Drains $115 Million From DeFi Protocol BadgerDAO

Another DeFi protocol has fallen victim to a serious hack, after the BadgerDAO reported that they had noticed "unauthorized withdrawals" from their protocol.

BadgerDAO initially stated that $10 million had been stolen, though reports from security and blockchain analytics company PeckShield put that number closer to $115 million, or over 2,063 BTC. One user even lost 900 BTC.

Unlike many other DeFi hacks, this one does not appear to be an attack on the protocol itself, but rather the web interface connecting the protocol to users’ wallets.

On BadgerDAO’s Discord server, many users complained that when their wallets interacted with BadgerDAO, they were hit with requests for additional permissions and then transferred tokens to wallets controlled by the hackers.

RELATED: PayPal Enables Crypto Payments

BadgerDAO has currently decided to pause all smart contracts to prevent further withdrawals while it investigates further.

The BadgerDAO’s very own governence token, BADGER, plummeted after news broke out.

The protocol’s founder, Chris Spadafora had not yet responded to the news on Twitter at the time of publication.

According to Mitche50 of the Badger Core team:

“It appears that the API key for Cloudflare has been compromised. Through this, the hacker was able to create a script and inject it into custom routes.”

Cloudflare is a widely used US website infrastructure company that provides a content delivery network and helps sites defend against denial of service attacks.


It is also unclear whether affected users will be able to be compensated for losses by the DAO or by the Nexus Mutual insurance protocol, which offers BadgerDAO insurance at a rate of 2.6% per year.

The insurers’ terms note that the insurance only covers “contract bugs, economic attacks including oracle failures [and] network management attacks”.

While this hack is significant, it pales in comparison to some of the major successful exploits that have happened against DeFi protocols this year. For example, in August hackers made off with nearly $600 million after exploiting bugs in the Poly Network.

Alexander Stefanov

Reporter at CoinsPress

Alex is an experienced finance journalist and a cryptocurrency and blockchain enthusiast. With over five years of experience covering the industry, he deeply understands the complex and constantly evolving world of digital assets. His insightful and thought-provoking articles provide readers with a clear picture of the latest developments and trends in the market. His passionate approach allows him to break down complex ideas into accessible and insightful content. Follow up on his content to be up to date with the most important trends and topics - stay ahead of the curve with CoinsPress.

Learn more about crypto and blockchain technology.