May 10, 2022

Behind The Scenes Of The BadgerDAO Hack

28 minutes

The BadgerDAO hack was one of the most unique exploits in what would be a string of DeFi hacks that have taken place in 2021 and 2022. Over $120 Million of user funds were siphoned out of the DAO due to compromised API keys and a malicious exploit into the Cloudflare infrastructure, an application platform that ran on Badger’s cloud network.

In this episode of Public Key, our host, Ian Andrew (CMO at Chainalysis) along with his colleague, Beth Bisbee (Head of US Investigations) dive deep into the nuances of the hack and identify how the exploit took place, how blockchain investigations tools like Reactor play a crucial part in the tracing of the stolen funds and how hacks like this may be avoided in the future. This is an important episode for those that are transitioning into web3 with reliance on web2 applications and technology.

Minute-by-minute episode breakdown

(4:45) – Understanding the BadgerDAO organization and how they bring Bitcoin to the Decentralized Finance (DeFi) space

(7:30 – How did the BadgerDAO hack occur and where did the exploit take place

(9:33) – Why it was so difficult to users to notice the hack or unusual activity

(11:00) – How the hacker was able to exploit API keys and gain access to developer email address

(16:35) – How was the hack identified and how the community escalated the issue

(18:18) – What leads can be identified pre the attack in order to better chances of catching the hackers

(22:40) – Explaining the investigative process when a hack happens on the blockchain

(26:30) – How to safely transition from web2 to web3 on DAOs and DeFi platforms

(28:25) – The emergence of multifactor hardware based authentication

Related resources

Check out more resources provided by Chainalysis that perfectly complement this episode of the Public Key.

Registration: Chainalysis Links Conference (May 18-19, 2022)

Blog: Defi Hacks Are on the Rise

CoinDesk Article: BadgerDAO Reveals Details of How It Was Hacked for $120M

Report: The Chainalysis 2022 Crypto Crime Report

Speakers on today’s episode

Ian Andrews * Host * (Chief Marketing Officer, Chainalysis) https://www.linkedin.com/in/ianhandrews

Beth Bisbee (Head of US Investigations, Chainalysis)

https://www.linkedin.com/in/beth-bisbee-49253932

Please note that BadgerDAO is a Chainalysis customer.

This website may contain links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.

Our podcasts are for informational purposes only, and are not intended to provide legal, tax, financial, or investment advice. Listeners should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material.

Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material.

Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Chainalysis. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Chainalysis employees are those of the employees and do not necessarily reflect the views of the company.

...more