Crypto Scams: BitMart, Badger Lose $300 Million in Bitcoin, Ethereum in Crypto Hacking; What Will Happen to Victims?


BitMart is the latest company affected by crypto scams.

Unfortunately, crypto hacking drained assets from various cryptocurrency wallets linked to the decentralized finance website BadgerDAO on Wednesday night, December 1.

PeckShield is a blockchain security and data analytics firm that is collaborating with Badger to investigate the crime.

As reported by PeckShield, the numerous tokens stolen in the recent crypto hacking are worth around $120 million.

Crypto Hacking in BitMart

The investigation is still underway.

Badger team members have advised consumers that they suspect the problem was caused by someone installing a malicious script into their website's UI. This would intercept Web3 transactions and insert a request to transfer the victim's tokens to the attacker's selected address for any users who interacted with the site while the script was active.

Badger said that because the transactions are transparent, it can see what happened when the attackers pounced.

PeckShield pointed to one transfer that dragged 896 Bitcoin, valued at more than $50 million, into the attacker's coffers.

Furthermore, the malicious code first emerged on November 10, and the attackers executed it at seemingly random intervals to evade discovery.

Crypto Hacking Crypto Scams That Affected Badger

Decentralized finance (or DeFi) systems use blockchain technology to enable crypto owners to do more traditional financial transactions, such as lending and earning interest.

BadgerDAO promises users they can stop worrying about giving up their private key for their crypto.

Badger users can also withdraw anytime they like. The company assured its customers that their strategies are working to put their assets to work.

Badger's process enables people who have Bitcoin to "bridge" their cryptocurrency over to the Ethereum platform via its token and reap the benefits of DeFi opportunities they otherwise might not have access to.

However, Badger suspended all smart contracts, effectively freezing its platform, after becoming aware of the illicit transfers, and recommended that users deny all transactions to the attacker's addresses.

According to The Verge, on Thursday night, December 2, the company stated that Badger has hired data forensics experts Chainalysis to investigate the entire scope of the event, and authorities in both the United States and Canada have been notified.

The company is working very closely with independent investigations while also moving forward with its own.

Badger Addressing Crypto Hacking

Badger is looking into how the attacker allegedly gained access to Cloudflare using an API key that should have been protected by two-factor authentication.

While the attack did not uncover any specific faults in the blockchain technology, it did manage to hack the older "web 2.0" technology that most users must employ in order to complete transactions.

Multi-factor authentication systems protect against many crypto scams, phishing tactics, and mass credential stuffing attacks.

Despite this, experts have cautioned repeatedly about targeted phishing assaults that can circumvent it, and toolkits to automate the process have been available for years.

In a 2019 alert, the FBI noted that criminals' ability to circumvent MFA was expanding, and advised adjustments or training that may make such assaults more difficult to carry out.

Two-Factor Authenticator For Crypto Scams

Even within traditional banking apps, getting two-factor authentication right may be difficult.

However, crypto scams and crypto hacking incidents like this one, as well as Poly Network's stolen-and-returned $600 million hijacking in August and the $53 million heist that hit the first DAO ever in 2016, should be enough to raise security awareness beyond protocols and encryption.

Unfortunately, as reported by CoinDesk, it is still unclear how much money will be recovered and how those who have been harmed will be compensated.

However, everyone involved in the worlds of crypto, blockchain, and Web3 apps may find it necessary to comprehend how approvals, signing, and transactions work and keep an eye on them in the future.
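A tampered front end that slips a token approval or transfer to an unexpected address into the signing flow, as Badger's team described, can be caught by decoding the request's calldata before it is signed. The sketch below is an added example, not code from Badger or PeckShield; it assumes standard ERC-20 calls, and the allowlist, addresses and function names are constructed for illustration.

```javascript
// Added example: pre-signature review of ERC-20 calldata (assumes standard ERC-20 ABI).
const SELECTORS = {
  "095ea7b3": "approve",           // approve(address spender, uint256 amount)
  "39509351": "increaseAllowance", // increaseAllowance(address spender, uint256 addedValue)
  "a9059cbb": "transfer",          // transfer(address to, uint256 amount)
};
const MAX_UINT256 = (1n << 256n) - 1n;

// Decode the (address, uint256) argument pair that follows the 4-byte selector.
function decodeTokenCall(data) {
  const hex = data.toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex) || hex.length < 8) return null;
  const method = SELECTORS[hex.slice(0, 8)];
  if (!method) return null; // not one of the calls this check covers
  const args = hex.slice(8);
  // Two 32-byte words expected; an address word must have 12 zero bytes of padding.
  if (args.length !== 128 || !/^0{24}$/.test(args.slice(0, 24))) return { method, malformed: true };
  return {
    method,
    malformed: false,
    counterparty: "0x" + args.slice(24, 64),
    amount: BigInt("0x" + args.slice(64, 128)),
  };
}

// Block token calls whose spender/recipient is not on the user's own allowlist.
function reviewTransaction(tx, allowlist) {
  const call = decodeTokenCall(tx.data || "0x");
  if (call === null) return { verdict: "pass", reasons: [] };
  if (call.malformed) return { verdict: "block", reasons: [`malformed ${call.method} calldata`] };
  const reasons = [];
  const known = allowlist.map((a) => a.toLowerCase());
  if (!known.includes(call.counterparty)) reasons.push(`${call.method} names unlisted address ${call.counterparty}`);
  if (call.method !== "transfer" && call.amount === MAX_UINT256) reasons.push("unlimited allowance requested");
  return { verdict: reasons.length ? "block" : "pass", reasons, call };
}

// Constructed sample data: neither address belongs to a real contract.
const encode = (selector, addr, amount) =>
  "0x" + selector + addr.slice(2).padStart(64, "0") + amount.toString(16).padStart(64, "0");
const VAULT = "0x" + "11".repeat(20);   // hypothetical contract the user intends to use
const UNKNOWN = "0x" + "ee".repeat(20); // hypothetical address injected by a tampered page
console.log(reviewTransaction({ data: encode("095ea7b3", UNKNOWN, MAX_UINT256) }, [VAULT]));
```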
