Cyber ​​attack steals $ 120 million in cryptocurrency

Cyber ​​security attacks are on the increase, and the amounts stolen can now reach eight-figure amounts.

It is surely one of the most impressive flights of recent years. If cryptocurrencies are often presented as a guarantee of security, they which are listed in the blockchain, it is not inviolable for all that. Indeed, Wednesday evening, the financial platform BadgerDAO was the victim of one of the biggest attacks in its history.

One person has indeed managed to drain some $ 120 million in various cryptocurrency. While the investigation is still ongoing, which is being carried out jointly by Badger and Peckshield, a firm expert in blockchain security and data analytics, the person inserted a malicious script into the user interface of their website.

896 Bitcoin at once

All the users who thus interacted with the site when the script was relevant, the cybercriminal intercepted the Web3 transactions and inserted a request to transfer the tokens from the victim’s account to the criminal’s address. PeckShield points to a transfer that pulled as many as 896 Bitcoins directly into the accounts of criminals. All for a value of over $ 50 million.

According to the first information revealed for the moment by the investigation, the malicious script would have arrived on November 10 on the Badger site. In order to avoid being detected too quickly, the criminals would then have disposed of the code at irregular time intervals and for very short periods of time.

Finally, when Badger realized the attack it was already too late. More than $ 120 million in cryptocurrency had disappeared in “transparent” transactions. Almost all of the site was finally frozen while the first stages of the investigation revealed more about the hackers’ modus operandi.

A simple human error?

The latter would indeed have succeeded in having access to Cloudflare thanks to an API key which should have been under two-factor authentication. The origin of this large-scale attack would therefore have been human, as is often the case today in cyberattacks. Indeed, the human factor remains the last weak point of the sophisticated computer systems that we have today.

Even in cutting edge structures like a cryptocurrency exchange as a badger, not everyone seems to realize the importance of two-factor authentication. An obvious step in the security of personal data encouraged by all the largest companies in the world of new technologies.

Leave a Comment