BadgerDAO’s decentralized financial protocol appears to have undergone a cyberattack resulting in the loss of $ 10 million at the time of writing.
The attack, which was announced around 02:00 UTC on December 2, targeted a protocol on the Ethereum network at host addresses 0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107.
Users who have interacted with this contract are advised to revoke permission from their wallet.
To revoke contract permissions, visit etherscan.com and log in with a wallet that you think may be delayed. Although the attack happened quite recently, it is possible that the contract was signed a few weeks ago.
Total unconfirmed losses were approximately $ 10.6 million.
The BadgerDAO team did not confirm the existence of the exploit, but sent out a tweet at 04:30 UTC confirming the reports of problems. All smart contracts on BadgerDAO have been suspended to prevent further potentially malicious withdrawals.
Early reports claim that some users have received unusual consumer requests for smart contracts over the protocol. It is suspected that these requests were attacked in action through protocol injection.
Some have adjusted their estimated losses to more than $ 100 million, with the user rumored to have lost $ 90 million.
RELATED: Hackers Can Use Hacked Google Cloud Accounts To Install Mining Software In Less Than 30 Seconds: Report
On the official Discord Badger, the main Tritium contributor wrote: “It looks like a group of users set credentials to the exploit address so that it can work with their repository resources, and this was exploited.”
BADGER is down 15% to $ 22.71 at the time of writing on Coingecko.