Crypto NewsUncategorized

What Happened In BadgerDao

The phishing attack was rigged BadgerDao. As a result, the Defi solution that runs on the top of the Ethereum blockchain has lost more than $130M. 

Type of Phishing Attack

Cloudflare Workers had a weak point where it allowed users to create accounts and view global API keys before email verification was completed. Unfortunately, this creates a loophole that allows attackers to gain API access for specific users. 

On-Chain Malicious Approval

The attacker used their API access to inject malicious code through Cloudflare Workers, intercepted web3 transactions, and allowed a foreign address approval to operate on ERC-20 tokens in their wallet.

Also, check out Institutional Investors vs. Whales

Undetected Mechanics

Attackers had several anti-detection techniques, applied and removed their scrip periodically, and used multiply proxy and VPN IP addresses to hide their true identities.

What Has Really Happened

In plaint English, attackers could create a fake account but without needing to verify their email addresses. And they were able to access users’ data from the database. They can even create their own applications to intercept users’ transactions and create a fake address to execute code and send their funds into the address without letting the administrator to aware of any suspicious activities.

Layer 2 Is Unsecured

The problem of any Defi projects is they launch as quickly without ever letting security audit. When the platform connects to the internet, there are possibilities of attacking from everywhere, 24/7. There is a need for the security protocol of each transaction to execute within the blockchain than moving actual funds on layer 2.

In Conclusion

Many hacking incidents caused multiple million dollars to lose. So when can people learn a lesson without losing their clients’ money?

Related posts
Crypto News

BAYC | Ape Fest to Whiskey and The Scandal?!? #BURNBAYC?

Crypto News

Luxury Fashion Brands Are Entering The Crypto Space

Crypto News

Bitcoinstalking on Crypto Staking

Crypto News

Top Places to Purchase Crypto for the Beginner

Sign up for our Newsletter and
stay informed

Leave a Reply

Your email address will not be published.