BadgerDAO ve $120 Millones de Crypto Heist a través de Cloudflare Hack
As soon as BadgerDAO became aware of suspect wallet activity, the company immediately froze all smart contracts running in its platform – a way to stem the bleeding until the security audit could be conducted. el jueves por la noche, BadgerDAO announced it had “retained data forensics experts Chainalysis to explore the full scale of the incident & authorities in both the US & Canada have been informed & Badger is cooperating fully with external investigations as well as proceeding with its own.”
According to BadgerDAO, the attacker managed to access the Cloudflare API used by the company without triggering the two-factor authentication protection that should have been enabled. Por supuesto, two-factor (or multi-factor) authentication can and has been subverted before; there have been multiple instances of phishing attempts that manage to cross the bridge over to 2FA keys, and there are even toolkits available that automate the entire process. While it’s still one of the most cost-effective ways to increase security access whenever credentials are involved, like every security measure, it requires attentive user interactions. As cryptocurrencies’ mainstream attraction and adoption increases, so too will the upside of pulling of these hacking stunts; and so too are heists expected to increase in frequency – and scale.