Cyber Incident Victim: Badger

On December 2, 2021, Badger, a decentralized finance (DeFi) platform enabling cryptocurrency borrowing, lending, and speculation, suffered a security breach resulting in the theft of approximately $120 million worth of digital assets. Blockchain analysis firm PeckShield first detected the incident, identifying unauthorized withdrawals exceeding 2,100 Bitcoin and 151 Ether from user accounts. The stolen assets were valued at $120.3 million at the time of the attack, with one individual user losing over 900 Bitcoin alone—equivalent to roughly $50.5 million. Badger officially acknowledged the hack through a Twitter statement and immediately froze all platform operations to contain the breach and initiate an investigation. The company did not disclose technical details about the attack vector or confirm whether user funds beyond the identified losses were compromised during the incident.

Cryptocurrency news outlets including Coinspeaker, CryptoBriefing, and CryptoSlate reported claims from Badger’s Discord community suggesting attackers exploited a vulnerability in the platform’s user interface to gain unauthorized access to accounts and siphon funds. Badger did not validate these user theories or respond to media inquiries from The Record or other outlets at the time of initial reporting. The incident represented an atypical attack vector, as most cryptocurrency platform breaches historically involved protocol-level exploits or compromised employee credentials rather than front-end interface vulnerabilities. With estimated losses of $120 million, the Badger heist ranked as the third-largest cryptocurrency theft of 2021, trailing only the PolyNetwork and Cream Finance incidents. The platform remained non-operational during the investigation, with no public timeline provided for restoring services or compensating affected users at the time of initial disclosure.