- Radiant Capital, a decentralised lending protocol, suffered a cyberattack, losing over US$50M after hackers gained control of its contracts by compromising three private keys from its multi-signature wallet.
- The exploit affected both the Binance Smart Chain and Arbitrum networks, allowing the attackers to drain assets such as USDC, WBNB, and ETH.
- Following the attack, Radiant’s native token, RDNT, dropped by 9%, and the protocol is currently working with security firms to investigate the incident.
Radiant Capital, a blockchain lending protocol, suffered a cyberattack that resulted in a loss of over US$50M (AU$74.82M).
Security experts revealed that the attacker gained control of the platform’s contracts by obtaining three private keys from its multi-signature wallet, which controls the protocol.
Related: FBI Crafts Fake Crypto Token in Historic Sting to Tackle Market Manipulation, Charges 18
The exploit impacted the Binance Smart Chain and Arbitrum networks, allowing hackers to drain assets like USDC, WBNB, and ETH.
And Another One
Radiant Capital, which is a decentralised lending protocol leveraging LayerZero technology, had already lost US$4.5M (AU$6.73M) in a January hack due to a smart contract bug.
As if things couldn’t get worse, the cause of this particular breach remains unclear. However, the crypto community speculates it could involve a compromised front-end, causing keyholders to unknowingly interact with malware.
According to Polygon Lab’s Chief Security Officer, Mudit Gupta, it’s more straightforward — Radiant’s multisig wallet had 11 signers but only required three signatures to execute transactions. Industry experts have criticised this low threshold as inadequate given the protocol’s size.
However, there’s no need to worry, as Radiant has acknowledged the incident and is currently collaborating with various security firms to investigate it.
Security firm Hacken revealed that the malicious contract was prepared 14 days prior, with an unsuccessful exploit attempt six days earlier.
Unsurprisingly, Radiant’s native token, RDNT, dropped 9% following the news, trading at $0.066.
Related: Trump-Endorsed Crypto Token Sale Falls Short of Target, Faces Technical Issues
In Q3 of 2024, total crypto hacks combined resulted in about $1.58 billion (AU$2.36 billion) in losses, nearly double the US$857 million (AU$1.28 billion) stolen during the same period in 2023. By the end of August, the total stolen had reached US$1.21 billion (AU$1.8 billion), reflecting a 15.5% increase from the US$1.048 billion (AU$1.57 billion) taken by this time in 2023.
Cyber-criminal groups in North Korea, especially Lazarus, are largely responsible for these crimes, scheming all kinds of plans to trick DeFi protocols, employees, and regular users.
Credit: Source link