Open in app

Sign in

Write

Sign in

DeFi Security Lecture 4 — Front-end Attack

Beaver Finance
beaver-smartcontract-security
Published in
8 min readDec 16, 2021

The frontend is the main gate to any web application. Most of the blockchain applications actually provide services to users through web pages. It is imperative to understand the underlying vulnerabilities to have a SAFU experience in DeFi.

Term Explanation

Front-end attacks belong to web attack technologies. The usual front-end attacks include XSS attacks, CSRF attacks, network hijacking attacks, and phishing. These attacks are elaborated right down below:

XSS Attack

XXS or Cross-Site Scripting refers to an attack on websites with security vulnerabilities. The attack is made by running illegal HTML tags or JavaScript in the user’s browser. Attackers write scripts to set traps. When users run on their browsers, they will be passively attacked if they are not careful.

Common XSS attacks include false input forms to defraud users’ personal information, steal users’ cookies, and send malicious requests. Common methods to prevent XSS attacks include escaping HTML tags and JavaScript and prohibiting JavaScript from reading cookies.

CSRF Attack

CSRF or Cross-Site Request Forgeries attacks refer to an attacker that uses traps set up to force users who have completed authentication to capture unexpected personal information or set information and other status updates.

Real-world Front-end Attack in DeFi

Badger DAO fell victim to a massive frontend attack, wherein the hackers were able to transfer users’ assets without any authorization. According to the developer’s initial inventory of damaged assets, a total value worth more than 120 million U.S. dollars had been lost in this incident; the stolen amount can be ranked fourth in recent DeFi attacks!

BadgerDAO is a DeFi platform on Ethereum where you can earn yield and rewards from bitcoin and BTC-related assets. The protocol offers opportunities to earn higher ROI than if you keep your BTC as is. In short, BadgerDAO makes your BTC a productive asset.

We have seen from their official website that they seem to employ extensive measures to prevent funds from being stolen, such as audits, Council of White Hats, Bug Bounties, Insurance. And yet, Badger did fall victim. What can we take away from that?

Case Analysis

The hacker managed to tweak the BadgerDAO website/Metamask API and inject his own script. He replaced the correct smart contract with his own. The phishing incident that occurred on 2 Dec 2021 resulted from a maliciously injected snippet provided by Cloudflare Workers.

Cloudflare Workers is an interface to run scripts that operate on and alter web traffic as it flows through Cloudflare proxies. The attacker deployed the worker script via a compromised API key that was created without the knowledge or authorization of Badger engineers. The attacker(s) used this API access to periodically inject malicious code into the Badger application such that it only affected a subset of the user base.

Once you approve the spend limit, the contract will be able to move that particular token you approve from your wallet as much as it likes. The stealing practically will continue to happen, and you can’t stop it. You can revoke access, but in most cases, the hacker will be faster if they’re using automated execution methods (like bots.)

Attack Process

Following contents refer to BadgerDAO Exploit Technical Post Mortem.

  • In late September, users on a Cloudflare community support forum reported that unauthorized users were able to create accounts and were also able to create and view (Global) API keys (which cannot be deleted or deactivated) before email verification was completed (see Cloudflare Forum Post). It was noted that an attacker could then wait for the email to be verified and for the account creation to be completed, and they would then have API access.
  • Upon reviewing Cloudflare logs after the exploit, Badger identified unauthorized account creation and API key generation for three Badger accounts; two in late August one in early September.
  • In mid-September, Badger unknowingly completed the account creation for one of these three compromised accounts, which were used for legitimate Cloudflare management activities. The UI did not make it obvious that the account had already been created and an API key was accordingly generated.
  • On November 10, the attacker began using their API access to inject malicious scripts via Cloudflare Workers into the html of app.badger.com. The script intercepted web3 transactions and prompted users to allow a foreign address approval to operate on ERC-20 tokens in their wallet. On November 20, the first on-chain malicious approval was made for the exploiter wallet.
  • The attacker used several anti-detection techniques in their attack. They applied and removed the script periodically over the month of November, often for very short periods of time. The attacker also only targeted wallets over a certain balance and explicitly avoided targeting listed signers of the Dev Multisig. Finally, the attacker accessed the API from multiple proxies and VPN IP addresses and changed the script on each deployment so they each had a unique hash, rendering static indicators of limited value.
  • The Badger community raised an alert via Discord about a large, suspicious transaction on December 2
  • Badger immediately paused most vault activity within 30 minutes of the alert. A handful of older contracts with a single, inaccessible guardian were paused approximately 15 hours later.
  • After this incident, Cloudflare API keys have been rotated, passwords were changed, and the MFA was transferred following the discovery of the incident.

As this exploit involved Web 2 vectors which are unusual to DeFi attacks, we will provide a short post-mortem of the Web 2 events that occurred and a full Web 3 post mortem that follows standards of reporting in DeFi.

Event Log

Badger provides the following details to help other people identify a similar Web2 compromise.

Here’s what their Cloudflare audit logs look like for one of the exploited accounts:

The earliest evidence we currently had of the attacker trying to take over an account is August 20, 2021.

Per the responses on the Cloudflare forum, the vulnerability appears to have been mitigated around September 29.

Here’s what Badger’s app looked like with the injected code: https://web.archive.org/web/20211129101319/https://app.badger.com/

Badger is redacting the malicious scripts from the summary below at this time while the investigation is ongoing.

Here’s the first example of malicious activity that took place on November 10, 2021:

The following table shows the period for which these malicious scripts were running on the site:

On-chain Events

At around 2:05 AM UTC, on 2 Dec 2021, Badger was alerted of suspicious activity on the platform. The attack was caught by a Community member when they noticed that approximately 900 BTC were removed from the Yearn wBTC vault.

After a quick investigation, the issue was marked as urgent and high priority. At 3:14 AM UTC, Badger began pausing all vault and strategy contracts.

Per BIP-33, addresses approved on the guardian contract have the ability to pause contracts. The pausing functionality of these contracts operates in a manner that blocks any deposit, withdrawal, transfer for ERC20 vaults, withdrawals from strategies, and any minting/redeeming of ibBTC until the unpause function is called on them. Unpausing is restricted to the Dev Multisig, which requires governance approval. Eight older strategies and one vault also require a timelock to unpause.

Most contracts were paused by 3:30 AM UTC. Some older vaults, (namely bcrvRenBTC, bcrvSBTC, bcrvTBTC, bBADGER, bharvestcrvRenBTC and buniWbtcBadger) do not have pause functionality on the vault contract. Their strategies were nevertheless paused to prevent withdrawals. At the time, Badger engineers were unable to access the guardian account of the bBADGER, bharvestcrvRenBTC, and buniWbtcBadger strategies. Further investigation revealed that the strategist who helped develop this smart contract idea also had pausing capabilities, and pausers were eventually able to pause the strategies with the strategist account.

A list of all of the pausing txs can be found here. As soon as the vaults were paused, the exploiter’s transferFrom calls began to fail.

The graphs below show the movement of Badger Sett tokens stopping after pausing. (Note: The y axis shows the raw number of Badger Sett tokens)

Attack Execution

Through the Web2 intrusion, the attacker was able to phish for ERC20 token approvals from Badger users through the user interface. The hacker tricked users into signing token approve or increaseAllowance calls allowing the main exploiter EOA account (0x1fcdb04d0c5364fbd92c73ca8af9baa72c269107) to spend funds.

After phishing a number of approvals, a funding account sent 8 ETH to the attacker’s account to fuel a series of transferFrom calls on the users’ approved tokens. This allowed the attacker to move funds on behalf of the users to other accounts, liquidating the funds and exiting via the Badger Bridge to BTC.

Defensive Measures

If you are into DeFi for the long game, make sure to take full ownership of your financial activity. That’s the responsibility you must bear in exchange for full custody of your own assets.

There are several precautions that can be implemented:

  • Double-checking the contract:

I admit even I don’t do this often. But this hack has put me on alert. Check the contract by clicking its address on Metamask. If you don’t know how to read a contract, it’s a good time to start learning to.

  • Prefer spend limit rather than infinite unlock:

Yes, people usually approve infinite spending so they don’t have to do this again in the future — and therefore spending more on gas fees. But as the hack’s damage showed us above, the loss is not worth it for being penny-pinching on gas fees.

  • Do approvals cleanse:

People on Twitter shared services like revoke.cash to revoke approvals you confirmed in the past.

  • Spreading assets across several wallets:

Don’t put all your eggs in one basket. It’s always wise to spread your assets into several wallets. So when your wallet is affected, you don’t lose everything.

It’s also a matter of convenience. Anyone affected by this hack will have to move their funds into a fresh wallet. The affected one is somehow “tainted.” Even though technically it’s safe again after you revoke the malicious contract, you’re still gonna be reminded with a bad memory and less peace of mind.

It will be easier if you don’t have to move your entire net worth — just a portion that was stored in the affected wallet.

  • Consider Insurance:

For whales with millions staked in a protocol, getting insurance is nothing but necessary.

Although in this BadgerDAO case, it won’t be covered, the hack shows us that digital robbery does happen very often in this space. It’s wise to use any precautionary step available to decrease the risk of losing your money and not getting reimbursed — especially for a big amount of money.

Summing up

For example, the hacker didn’t need to create a sophisticated smart contract exploit or complicated flash loan transactions like how it happened with Cream Finance last October. It all happened on the front-end level and being attacked in places that were not noticed caused all efforts to be wasted.

Beaver Finance team up with experienced security experts on building our system and would continuously share our findings on DeFi security topics.

Stay Alert, Stay Safe!

Reference:

1,BadgerDAO Exploit Technical Post Mortem

https://badger.com/technical-post-mortem

--

--

Beaver Finance
beaver-smartcontract-security

Written by Beaver Finance

125 Followers
Editor for

Beaver Finance is a Single-Asset Intelligent Yield Enhancing platform with the Option-based cutting-edge hedging solution for Impermanent Loss.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams