The BadgerDAO decentralized finance protocol seems to have suffered from a cyber attack leading to the loss of a reported $10 million.
The attack, which was made public at about 2 a.m. UTC and targeted the protocol on the Ethereum network at contract address 0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107. Users that have interacted with this contract are urged to revoke permission from their wallet.
The BadgerDAO team has not confirmed the exploit, but released a tweet at 4:30 a.m. UTC admitting that there have been reports of problems. All smart contracts on BadgerDAO have been stopped in an effort to thwart any more potentially malicious withdrawals.
Early reports claim that some users received unusual spend requests from the smart contracts on the protocol. It is suspected that these requests were the attack in action through the front-end of the protocol.
Some have revised the value of suspected losses to upward of $100 million, with one user reportedly losing $90 million.
