- BadgerDAO suffered a major hack yesterday, with losses amounting to over $120 million.
- One BadgerDAO user lost 896.8 Wrapped Bitcoin worth $51 million.
- On-chain data shows that the wallet holding the 896.8 Wrapped Bitcoin has had several interactions with wallets associated with Celsius Network.
Several BadgerDAO users suffered significant losses when the protocol’s frontend was hacked yesterday—and on-chain data suggests that Celsius Network could have lost an eight-figure sum.
The BadgerDAO Hack’s Biggest Victim
Celsius Network may have been the biggest loser in the recent BadgerDAO hack.
The DeFi protocol BadgerDAO, which specializes in offering yield opportunities on Wrapped Bitcoin, suffered a major hack Thursday after an attacker exploited the app’s frontend website. While the investigation is still ongoing, the attacker is thought to have added a script to the frontend that tricked users into allowing the attacker to drain assets from their wallets. Over $120 million was drained.
The biggest transaction saw the attacker drain 896.8 Wrapped Bitcoin worth just over $51 million from an address commencing “0x534.” On-chain data suggests that the victim could be closely linked to Celsius Network, a CeFi app allowing users to earn interest on their cryptocurrencies.
The transaction history for the “0x534” address shows multiple seven-figure transactions. On Wednesday, for example, the address sent over $2.2 million worth of ConvexCRV to an address commencing “0x5fa.”
It also transferred 125 ETH worth $575,000 to an address commencing “0xdb3” Tuesday. The “0xdb3” wallet currently holds just under $68 million, of which $41.2 million is in Celsius’ CEL token. It’s also had multiple seven-figure transactions with one of Celsius’ main wallets, which commences “0x4f6” and is labeled as “Celsius Network: Wallet 5” on Etherscan.
Transaction history also shows “Celsius Network: Wallet 5” interacting with a wallet commencing “0xef2.” This wallet currently holds $46.7 million in Ethereum, Wrapped Bitcoin, and other assets, and has interacted with the same wallet that received $2.2 million worth of ConvexCRV from “0x534” this week.
A Twitter user going by the name BigTimeCali shared several of the notable transactions in a Thursday tweet storm, reporting that Celsius Network had also deleted questions related to the incident from its Reddit page.
Although the on-chain data isn’t conclusive, it shows that the “0x534” wallet had several interactions with wallets closely linked to Celsius Network. The high value of the transactions also suggests that the wallet holder is a larger player in the space.
Neither Celsius Network nor the company’s founder and CEO Alex Mashinsky immediately responded to Crypto Briefing’s request for comment.
This story is developing and will be updated as further details emerge.
Update 12/03/21 2:16 PM EST: Alex Mashinksy confirmed today in a live stream that Celsius did indeed lose funds through the BadgerDAO hack. However, he also said that while Celsius itself lost money, Celsius members themselves did not. Mashinksky went on to say that Celsius was cooperating with BadgerDAO in an effort to recover the lost funds.
The investigation is ongoing.
Disclosure: At the time of writing, the author of this piece owned ATOM, ETH, and several other cryptocurrencies.