Cryptocurrency firm BadgerDAO begs for return of $154 million of stolen tokens

An illustration of bitcoin
Another cryptocurrency heist over the weekend cost BitMart $290 million. Photo credit: Getty Images

An organisation robbed of NZ$154 million worth of cryptocurrency is begging the perpetrators to return the stolen money - and is even willing to let them keep some if they do so.

Last week 2100 bitcoins worth $153 million and 151 ether worth $944,000 were stolen from a company called BadgerDAO using an exploit which led users to approve a malicious contract.

The company has said it is working with data forensic experts and both US and Canadian law enforcement authorities to investigate the heist but is also reaching out directly to those responsible.

"You have taken funds that do not belong to you but we are willing to work with you and compensate you for identifying this vulnerability in the systems," the company wrote.

"We are providing you with a direct line of communication to discuss a peaceful resolution without involving any outside parties. Contact us to discuss further and do the right thing on behalf of the community."

Because of the theft much of the functionality of Badger remains unavailable - meaning users can't deposit, claim rewards or withdraw their money. It says it is working to ensure that can be done without further risk to funds before switching back on the functionality.

Unbelievably, the $154 million heist is only the second largest crypto theft in the last week, with hackers also able to steal $290 million worth of tokens from BitMart, a cryptocurrency exchange over the weekend.

They did so by stealing a private key which accessed two wallets full of tokens, according to CEO Sheldon Xia.

"BitMart will use our own funding to cover the incident and compensate affected users," Xia wrote.

"We are also talking to multiple project teams to confirm the most reasonable solutions such as token swaps. No user assets will be harmed."

Users of BitMart are also unable to deposit or withdraw funds due to the ongoing remediation efforts.

According to blockchain security and data analytics company PeckShield, the hackers used a company called 1inch to convert all stolen cryptocurrency into ether.

They then deposited those funds into Tornado Cash, which allows anonymous transactions, making it harder to trace those responsible.