Crypto Company to Hackers: Give Back Our $119M

BadgerDAO

The blockchain company BadgerDAO has a message for whoever stole $119 million in cryptocurrency from its platform: Please give it back.

As Vice reported on Monday (Dec. 6), a hacker – or group of hackers – took around 2,100 in bitcoin (worth $118.5 million) and 151 in Ethereum ($679,000) last week.

“You have taken funds that do not belong to you, but we are willing to work with you and compensate you for identifying this vulnerability in the systems,” BadgerDAO said in a public announcement. “We are providing you with a direct line of communication to discuss a peaceful resolution without involving any outside parties. Contact us to discuss further and do the right thing on behalf of the community.”

According to the Vice story, the hacker/hackers carried out the theft by stealing an API key that let them control BadgerDAO’s Cloudflare account. That enabled them to insert a malicious script onto the site, which prompted customers to turn over wallet permissions.

Read more: Poly Network Hacker Returns $610M in Stolen Crypto

This is at least the second time this year a crypto platform has asked hackers to return what they stole. And in the case of the hack on Poly Networks in August – a much larger theft than the attack on BadgerDAO – the request worked.

As PYMNTS reported at the time, the so-called “white-hat” hacker exploited a vulnerability in the crypto Poly Network’s system to steal $610 million in digital currency. The company responded by putting up $500,000 to encourage the hackers to return the funds. The hackers eventually returned the stolen funds, transferring them to addresses on Ethereum, Binance Smart Chain and Polygon. Poly Network said it did not intend to pursue criminal charges for the theft.

Read more: Crypto Exchange Bitmart Confirms $196M Lost in Security Breach

News of this hack comes just days after a report that hackers stole $196 million in cryptocurrency from BitMart:  $100 million on the Ethereum blockchain and $96 million from the Binance Smart Chain.

BitMart initially denied the hack, calling it “fake news” and saying the outflows were standard withdrawals, before confirming the breach hours later.