On-chain data suggests that Celsius Network may have fallen victim to the BadgerDAO exploit, losing $50 million.
The hack’s biggest victim
DeFi protocol BadgerDAO, which specializes in offering yield opportunities on wrapped Bitcoin, was the victim of a major hack on Thursday after an attacker exploited the app’s front-end website. According to a Twitter user, the most prominent alleged victim of the hack was an address that lost 896 wrapped bitcoin ($51 million). The address is believed to belong to Celsius, as it has interacted with other addresses that are related to the company.
The wallet address regularly transacts with an address that has a balance of $67 million, of which $40 million is Celsius’ eponymous native token CEL. That address is also said to belong to Celsius, because it shares 5 important transactions with at least one address tagged on Etherscan as Celsius Network Wallet. BigTimeCali shared several of the notable transactions in a tweetstorm on Thursday, reporting that Celsius Network had also deleted questions about the incident from its Reddit page.
BadgerDAO suffered from an exploit
The protocol officially announced that it had received multiple reports of unauthorized withdrawals of user funds on Dec. 1. The Badger team investigated the issue further and paused all of the protocol’s smart contracts to prevent further losses. A total of $120 million was stolen from users. Although the on-chain data is inconclusive, it shows that wallet “0x534” had multiple interactions with wallets closely associated with the Celsius Network. The company has not responded to confirm whether or not the wallet belongs to it.
Some users reportedly became aware of the vulnerability as early as five days ago and reported the issue to BadgerDAO developers. However, the team seems to have largely ignored the issue. A screenshot posted by Twitter user DeFi Ahab shows that a Discord member calling himself fewture alerted the team to the “increase allowance” prompt before Badger team member blackbear dismissed the concern, saying it was probably because “the UI got a bit bugged.”