Hacked! DeFi protocol BadgerDAO loses over $120M after front end exploit

Key Takeaways:

• DeFi protocol BadgerDAO fell victim to a hack that resulted in the loss of $120 million.
• BADGER, the protocols token, fell over 21% in a day following news of the hack.

NEW DELHI (CoinChapter.com) — BadgerDAO, a platform that helps users earn yields against Bitcoin, was the target of a cyberattack.

The attacker targeted the protocol using the smart contract address 0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107.

At the moment, there is no statement from BadgerDAO regarding the amount of stolen funds. However, blockchain data analytics company PeckShield estimates hackers looted a total of $120.3 million in BTC and ETH.

The DeFi firm first acknowledged receiving suspicious activity reports from several users in a tweet on Dec 2. However, BadgerDAO is yet to confirm the exploit that the hacker utilized. Currently, speculation on Twitter suggests the attack targeted the BadgerDAO website’s user interface, not core protocols.

On Wednesday, the attacker stole funds from several wallets using malicious contract permissions. Although the theft occurred on Wednesday, posts on Twitter suggest several users had been noticing suspicious activity for nearly two weeks.

It looks like a bunch of users had approvals set for the exploit address allowing [address] to operate on their vault funds and that was exploited. Once we noticed we froze all the vaults so nothing can move and are trying to figure out where the approvals came from, how many people have them, and what next steps are.

Badger core contributor Tritium on Discord

In detail, the suspicious activity involved the affected users’ wallet providers asking for extra permissions. The hacker waited for days before pulling the rug on Wednesday morning around 9 PM EST. Posts on social media urged users who have interacted with the malicious contract to revoke all permissions awarded to the contract from their wallets.

Also Read: Harmony (ONE) attracts $371M to its liquidity pools on booming DeFi, Gaming craze.

At present, BadgerDAO has suspended all smart contracts on its platform to prevent further damage from the exploit.

Meanwhile, BadgerDAO announced it has hired Chainalysis, a blockchain data platform, to investigate the incident. In addition, the platform is also working with US and Canadian authorities to find the culprits responsible.

BadgerDAO Token Price Plunges

BadgerDAO’s native token, BADGER, plunged more than 20% after news of the hack spread. The token continued its decline alongside a descending trendline. With FUD created by the hacking news and the lack of official information, panicked traders sold their BadgerDAO tokens, crashing prices.

The token fell from Dec 2’s high of $27.2 to the day’s low of $21, losing 22.6% before recovering. As such, it is BADGER’s second-highest intraday decline since Sept 7. Moreover, the descending resistance trendline has formed a confluence resistance with the token’s 26-day EMA at $26

Meanwhile, the token’s MACD, which looked poised to chart a bullish crossover soon, saw bearish momentum gain strength following Thursday’s decline. A bullish crossover occurs when the MACD (difference between 12-day and 26-day EMA) starts to move upwards and crosses over its signal line (9-Day EMA of MACD.

Also Read: DeFi token Aave to hit $1K? This bullish formation says yay.

A bullish crossover is easy to identify, and often forecasts buy signals. Bars on the MACD histogram turn green when the momentum is bullish and vice versa. However, given BADGER prices historical movement below the descending trendline, it is unlikely the DeFi token would start a massive bull run any time soon.

On the other hand, if prices continue to fall, BADGER would likely consolidate above the support ta $20.2. If the cyberattack FUD continues, prices could break below immediate support to consolidate above support at $18.749.

At the time of writing, BADGER was trading at $21.3