BadgerDAO reportedly suffered a security breach and lost USD 10 million

The BadgerDAO decentralized financial protocol appears to have suffered a cyber attack, and reportedly lost $10 million at the time of writing.

The attack was made public at around 2 a.m. UTC on December 2, targeting the protocol on the Ethereum network with the contract address 0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107.

Users who have interacted with this contract are urged to revoke their wallet permissions.

To revoke access to the contract, please visit Ethernet Scanning Network And log in with a wallet that you think may be exposed. Although this attack occurred only recently, the license of the contract may have been established a few weeks ago.

total Unproven The loss was approximately US$10.6 million.

The BadgerDAO team has not confirmed the vulnerability, but it has been released tweet 4:30 AM UTC time Confirmation of a problem report. All smart contracts on BadgerDAO have been suspended to prevent more potentially malicious withdrawals.

Early reports stated that some users received abnormal Spend the request from the smart contract on the protocol. It is suspected that these requests are attacks through the front end of the protocol.

Some people revised the value of the suspected loss to more than 100 million U.S. dollars, and one of them user Allegedly $90 million was lost.

related: Hackers can install mining software using a compromised Google Cloud account within 30 seconds: report

On Badger’s official Discord server, core contributor Tritium wrote: “It looks like a bunch of users have set approval for the vulnerability address, allowing it to use their vault funds to operate, and then it was exploited.”

At the time of writing, BADGER is down 15% to $22.71 Gingerko.