Bitcoin [BTC] DeFi Project Hacked; Losses Exceed $120M

A Bitcoin-based DeFi protocol BadgerDAO became the latest victim of a hack. The initial reports suggest the platform suffered a total loss of more than $120 million in various cryptocurrencies, including 2.1k BTC and 151 ETH. 

Front-end targeted

According to the blockchain security firm PeckShield, the most affected user lost around 900 BTC that is worth almost $50 million in a single transaction. The hack appears to have originated from an exploit on BadgerDAO’s front-end. Following the compromise, the users were tricked into executing unwanted transactions.

Here is the current whereabouts as well as the total loss: $120.3M (with ~2.1k BTC + 151 ETH) @BadgerDAO pic.twitter.com/fJ4hJcMWTq

— PeckShield Inc. (@peckshield) December 2, 2021

It all started after several users affected by the exploit reported witnessing their wallets providers bombarded with suspicious permission requests while claiming rewards for yield farming and interacting with the vaults of the protocol.

The Etherescan transactions reveal that the perpetrator has siphoned off with Wrapped Bitcoin [WBTC], cvxCRV [Convex CRV], veCVX, among other vaulted and synthetic cryptocurrency assets from users wallets. 

Following the development, the only tweet put out by BadgerDAO’s Twitter handle was:

“Badger has received reports of unauthorized withdrawals of user funds. As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals. Our investigation is ongoing and we will release further information as soon as possible.”

Badger in Brief

For the uninitiated, Badger DAO is an open-source, decentralized automated organization.

Its main objective is to build products and infrastructure in a bid to simplify Bitcoin [BTC] application as collateral across different smart contract platforms.

It is a community-driven project whose mainnet was launched on the 3rd of December 2020. For every implementation of Bitcoin as collateral to other blockchains, the devs earn a portion of the fees as well as the protocol’s native BADGER tokens from the dev mining pool.

Three months after the main net launch, BADGER went on a sporadic rise claiming its all-time high. The subsequent drawdown was equally dramatic. Since its peak of around $85 in the first week of February, BADGER lost over 91% of its value during the July lows when it fell to a mere $7. Since then, the token has noted a mild recovery.

However, it was still down by more than 74% since its ATH levels. Additionally, the latest hack pulled the crypto-asset by 17% over the past 24-hours. At press time, it was trading at $22.23.

Slew of DeFi Hacks 

The latest reports come just a day after DeFi platform MonoX was drained off $31 million in different cryptocurrencies after the native token, MONO’s prices were artificially boosted. This allowed the malicious entity to use the tokens to buy the other assets in the pools at significantly cheaper rates.

Earlier this month, bZx, a prominent DeFi lender’s private key was compromised which resulted in a hack of over $55 million.