{"id":375321,"date":"2021-12-02T11:40:23","date_gmt":"2021-12-02T08:40:23","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/badgerdao-reportedly-suffers-security-breach-and-loses-10m\/"},"modified":"2021-12-02T11:40:23","modified_gmt":"2021-12-02T08:40:23","slug":"badgerdao-reportedly-suffers-security-breach-and-loses-10m","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/badgerdao-reportedly-suffers-security-breach-and-loses-10m\/","title":{"rendered":"# BadgerDAO reportedly suffers security breach and loses $10M"},"content":{"rendered":"<p>&#8220;<strong># BadgerDAO reportedly suffers security breach and loses $10M  <\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMTIvYWY0ODc1NTctZWI3OS00YzY3LTg5ZjctNTYyZTM0M2ViYTU0LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-128018ef>The BadgerDAO decentralized finance protocol appears to have suffered from a cyber attack leading to the loss of a reported $10 million at the time of writing.\u00a0<\/p>\n<p>The attack, which was made public at about 2 a.m. UTC on Dec. 2, targeted the protocol on the Ethereum network at contract address 0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">FYI, nasty frontend attack on Badger, looks like ~10m taken out of people&#8217;s wallets using rug approval. 
If you&#8217;ve interacted with anything badger related in last few weeks, check and revoke asap <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/vJPMmBZ3af\">https:\/\/t.co\/vJPMmBZ3af<\/a><\/p>\n<p>\u2014 Spreek (@spreekaway) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/spreekaway\/status\/1466255371169943556?ref_src=twsrc%5Etfw\">December 2, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nUsers who have interacted with this contract are urged to revoke permission from their wallet.\u00a0<\/p>\n<p>To revoke permissions of a contract, visit <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/address\/0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107\">etherscan.io<\/a> and log in with a wallet you believe may be exposed. Although the attack only happened recently, permission for the contract may have been established weeks ago.<\/p>\n<p>The total <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/GordoAir\/status\/1466247425547325441\/photo\/1\">unconfirmed<\/a> losses come to about $10.6 million.<\/p>\n<p>The BadgerDAO team has not confirmed the exploit, but it issued a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/BadgerDAO\/status\/1466263899498377218\">tweet<\/a> at 4:30 a.m. UTC acknowledging that there have been reports of problems. 
All smart contracts on BadgerDAO have been paused in an effort to prevent any more potentially malicious withdrawals.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Badger has received reports of unauthorized withdrawals of user funds.<\/p>\n<p>As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals.<\/p>\n<p>Our investigation is ongoing and we will release further information as soon as possible.<\/p>\n<p>\u2014 \u20bfadgerDAO  (@BadgerDAO) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/BadgerDAO\/status\/1466263899498377218?ref_src=twsrc%5Etfw\">December 2, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Early reports claim that some users received <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/fewture\/status\/1466275225037950978\">unusual<\/a> spend requests from the smart contracts on the protocol. 
It is suspected that these requests were the attack in action through the front-end of the protocol.<\/p>\n<p>Some have revised the value of suspected losses to upward of $100 million, with one <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/spreekaway\/status\/1466292125134467072\">user<\/a> reportedly losing $90 million.<\/p>\n<p>On Badger\u2019s official Discord server, core contributor Tritium wrote \u201cIt looks like a bunch of users had approvals set for the exploit address allowing it to operate on their vault funds and that was exploited.\u201d\u00a0<\/p>\n<p>BADGER is down 15% to $22.71 at the time of writing on <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.coingecko.com\/en\/coins\/badger-dao\">Coingecko<\/a>.<\/p>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/badgerdao-reportedly-suffers-security-breach-and-loses-10m\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;# BadgerDAO reportedly suffers security breach and loses $10M &#8221; The BadgerDAO decentralized finance protocol appears to have suffered from a cyber attack leading to the loss of a reported $10 million at the time of writing.\u00a0 The attack, which was made public at about 2 a.m. UTC on Dec. 
2, targeted the protocol on&#8230;<\/p>\n","protected":false},"author":1,"featured_media":375322,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMTIvYWY0ODc1NTctZWI3OS00YzY3LTg5ZjctNTYyZTM0M2ViYTU0LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74868,74882,70944,4965],"class_list":["post-375321","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-defi","tag-hacks","tag-hackers","tag-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/375321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=375321"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/375321\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/375322"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=375321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=375321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=375321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}