Minister's data exposed on -Dark Web after buying cryptocurrency in cyberattack: Report

Swiss federal councilor Alain Berset was the victim of a data breach that made his address, private email and home phone number public after a company he used to buy cryptocurrency was hacked, Swiss newspaper Le Matin Dimanche reported.

French tech firm Ledger SAS, which offers services including the purchase, storage and security of cryptocurrencies, suffered a cyberattack in June 2020 and Berset was among the customers whose data was compromised, the newspaper said.

Berset's address and phone number in the canton of Fribourg could be found on the dark web, a part of the Internet where stolen personal data is sometimes sold, according to the newspaper.

Berset is the minister for Switzerland's Department of Home Affairs, which has been a lead agency for the Alpine nation's coronavirus pandemic response. A spokesperson for the department confirmed to Le Matin that Berset “bought cryptocurrencies a few years ago privately, in order to understand how they work”.

The spokesperson didn't give the amount the politician invested nor whether he still owned any cryptocurrency. Berset was previously unaware of the data breach at Ledger, the person said.

Ledger says on its website that it warned its customers by email after the 2020 cyberattack. It also says their assets have never been threatened, and that no information concerning specific amounts or transactions was stolen.

DeFi Platform BadgerDAO Says Cloudflare Flaw Led to $130 Million Heist

(Bloomberg) Decentralized finance platform BadgerDAO said a flaw in the account creation process of the software company Cloudflare Inc. led to the theft of $130 million in cryptocurrencies earlier this month.

BadgerDAO detailed how the hack took place in a blog post on Thursday, saying a phishing attack that occurred on Dec. 2 was a result of “maliciously injected snippet provided” by Cloudflare Workers, a serverless application platform that runs on its cloud network. The post, which was prepared by BadgerDAO and cybersecurity firm Mandiant Corp., said the Cloudflare flaw had been since been remediated.

BadgerDAO hired Mandiant and blockchain forensic analysis firm Chainalysis Inc. to investigate the breach, according to the blog post.

Asked about the claims, Cloudflare said in a statement that its systems “were not compromised” and that “this has not impacted any other customers.”

“Last week, we were made aware that BadgerDAO experienced an incident,” according to Cloudflare. “We have been in touch with the organization and have provided active support to their investigation.” Cloudflare said there is no vulnerability in its Cloudflare Workers product.

BadgerDAO said more than $9 million in stolen funds are recoverable, as they were transferred by the attacker but not yet withdrawn from the company's vaults, according to the blog post. The hacker's identity isn't publicly known.

BadgerDAO didn't respond to a request for comment. Mandiant and Chainalysis also declined to comment, citing an ongoing investigation. In a tweet, Chainalysis said the hackers converted the stolen cryptocurrencies to Bitcoin.

In its blog postings, BadgerDAO said it is considering how it may repay the stolen funds, and that the breach has been reported to law enforcement in the U.S. and Canada.

The theft is just the latest in a string of hacks on decentralized finance platforms, which have resulted in hundreds of millions of dollars of losses this year. The theft is the fifth largest decentralized finance hack in terms of losses, according to Rekt News, which maintains a “leaderboard” of compromised organizations

“By the end of July 2021, major crypto thefts, hacks and frauds totaled $681 million,” according to an August report published by blockchain forensics company CipherTrace Inc. DeFi crimes continue to grow, and in the second quarter of this year, criminals netted “new highs in DeFi-related proceeds,” according to the report.

In its blog post describing the hack, BadgerDAO provided screen shots of its internal logs, revealing how a hacker allegedly leveraged a flaw in Cloudflare's product to inject malicious code into the BadgerDAO application. The blog is unusually detailed, as most organizations that suffer hacks reveal little information.

“Badger appreciates our community's patience while we figure out how to balance our commitment to transparency with the fact that this is still an ongoing investigation with rapidly changing information,” the blog post said.

Though BadgerDAO says the attack occurred on Dec. 2, “the actual compromise may actually date back to Nov. 20,” according to an analysis by TRM Labs, which helps financial institutions and governments fight crytocurrency fraud, money laundering and financial crime. The hacker intercepted several large customer transactions, with one of them netting more than 900 wrapped Bitcoin -- an Ethereum token representing Bitcoin -- or roughly $50 million, TRM said. In total, the hacker appears to have stolen more than 2,000 Bitcoin equivalent and 151 Ethers, the blockchain forensics firm said.

“As the various forms of wrapped Bitcoin were diverted to the hacker's address, they were converted in real-time to renBTC, a tokenized version of Bitcoin on the Ethereum blockchain, then swapped to the Bitcoin blockchain,” TRM said in a recent blog.