It was a tough couple of weeks for Celsius Network. Celsius is a neobank platform that touts its ability to generate returns on parked crypto. Currently, Celsius is promoting potential returns of over 17%.
As was widely rumored, Celsius Network was impacted by the Badger attack but said that no Celsius clients nor user assets were impacted. But while Celsius customers have not taken a hit, it appears that Celsius the firm may have lost an undisclosed amount of funds in the hack.
.@CelsiusNetwork was made aware that the Badger platform had suffered an attack of unauthorized withdrawal of funds. The attack did not occur on the core Celsius platform. No Celsius client and user assets were affected. (1/5)
— Celsius (@CelsiusNetwork) December 3, 2021
The attack on Badger was estimated to have garnered $120 million in stolen funds. Badger has set up a status page while stating it is willing to work with the crook and “compensate you for identifying this vulnerability in the systems.” Cyber sleuths Chainalysis are helping with the investigation.
Looking at the breached #BadgerDAO web app that resulted in $120M loss
Dev console message:
“It looks like you’re using the development build of the Firebase JS SDK”
Was this app rushed to production without QA? 🤔 pic.twitter.com/dyRiIuEbo0
— Cem Paya (@randomoracle) December 2, 2021
Rumors had spread on Twitter that Celsius was embroiled in a significant theft of funds. Chatter indicated the theft could have topped $50 million. Celsius said it has traced the attacker and reported this information back to Badger, to assist with the investigation.
During an AMA held a few days back, Celsius confirmed that Celsius funds were stolen in the attack.
CEO and founder Alex Mashinsky said they are working with Badger to recover all of the funds. “No user funds are affected,” he affirmed.
In mid-November, it was reported that Celsius CFO Yaron Shalem was apparently arrested in Israel along with other individuals. Shalem was quickly “suspended” and his name was removed from the management page on the Celsisus website. We are still waiting for more details, hopefully from Celsius, on the status of the allegations involving Shalem. As was previously reported, it appears that Shalem’s arrest was related to his affiliation with Moshe Hogeg, an individual well known in the crypto sector who has been accused of money laundering and other misdeeds. Haaretz reported that allegations against Hogeg include human trafficking and child pornography. Hogeg has been involved in multiple crypto-based firms in past years.
Celsius said it wanted to remind its community to “exercise extreme caution when interacting with DeFi platforms, and when approving connections to the sites, apps, and smart contracts.” A best practices page for its users will be published in the coming days.