Too Long; Didn't Read
The Badger DAO attack was conceptually very different from the more traditional attack we have seen in DeFi. The attacker did not meddle with the smart contract but simply decided to look at the project's web interface. The malefactor managed to substitute the. smart-contract address in the web interface of Badger. Users were receiving fraudulent permission requests that allowed the hacker to steal their coins from their wallets. But due to the fact that those requests did not look different apart from addresses of the smart contracts, many of the users.