BadgerDAO Frontend Hack

BadgerDAO was the target of a significant security breach in December of 2021. This incident was one of the largest DeFi exploits to date, with over $120M in user funds stolen. The attackers were able to compromise BadgerDAO's official website, allowing them to insert additional approval transactions into the website that set the attacker's wallet as the authorized spender.

BadgerDAO is a popular DeFi project that focuses on bringing Bitcoin into Ethereum's thriving DeFi ecosystem. Most of the stolen funds were vault tokens that were quickly cashed out and bridged back to the BTC chain. It is speculated that the attackers gained access to the project's Cloudflare account, but this was never confirmed by the BadgerDAO team. By the time the team noticed the exploit, the website had already been compromised for almost 2 weeks.

Affected users remain at risk as long as they haven't revoked their approvals, so it is recommended to use the Revoke.cash Exploit Checker below to make sure that you're safe.