Decentralized lending protocol Radiant Capital suffered a hack and lost $50M in crypto assets. Hackers exploited a vulnerability in the protocol’s multi-signature wallet private keys, allowing them to take control of its smart contracts.
The vulnerability affected Radiant Capital’s BNB and Arbitrum instances, and hackers took millions of dollars in assets, including Ethereum, USDC and Wrapped BNB (WBNB).
Radiant loses $51 million in alleged cryptocurrency exploit
Blockchain security firm Ancilia Inc. has disclosed a hack against leading cross-chain lending protocol Radiant Capital.
#ancilia_alerts something seems to have happened @RDNT Capital BSC Contract. We noticed several transfers from user accounts via contract 0xd50cf00b6e600dd036ba8ef475677d816d6c4281. Please revoke your approval as soon as possible. The new implementation seems…
— Ancilia Inc (@AnciliaInc) October 16, 2024
Attackers reportedly exploited a vulnerability in the protocol’s TransferFrom multi-signature wallet system.
🚨~$58,000,000 Vulnerability Alert🚨
The Radiant Capital contract is exploited on the BSC and ARB chains and has a “transferFrom” function that can drain user funds, i.e. $USDC $WBNB $ETH and others
⚠️Withdraw approval as soon as possible👇
0xd50cf00b6e600dd036ba8ef475677d816d6c4281 pic.twitter.com/oUHyshwEmL
— De.Fi Antivirus Web3 🛡️ (@De_FiSecurity) October 16, 2024
This allowed them to gain unauthorized access to user accounts and withdraw millions of dollars in ETH, USDT, BNB and USDC.
According to data from Arkham Intelligence, the breach began on the protocol’s Arbitrum instance on Wednesday before moving on to the BNB chain.
Radiant uses a multi-signature wallet system called TransferFrom to secure and control its smart contracts. The vulnerability exploits the transferFrom function of the Radiant Capital smart contract to leak the private key of its multi-signature wallet.
As a result, hackers gained unauthorized access to multiple user accounts and withdrew funds to another account. They reportedly moved the coins from a Radiant-controlled wallet to an address starting with 0x0629b, which is said to belong to the hackers.
This address holds more than $32 million in Arbitrum tokens and approximately $18 million in BNB chain assets. Most of the assets are Ethereum derivatives wstETH and weETH.
The wallet’s BNB balance currently shows over $5 million in crypto assets. At the same time, its German bank account programme token balance is $51 million; its holdings have increased by 2,619,512% since its inception.
Security Concerns and Radiant Capital’s Response
In response to the latest breach, Radiant Capital suspended its Base and mainnet markets. It also revealed that it is working with blockchain security companies Chainalysis, Hypernative, SEAL911 and ZeroShadow to investigate the incident.
Furthermore, the protocol states that it authorizes US$10 million in funding to compensate victims for their losses. It advised users to revoke their approvals for all Radiant contract addresses to avoid further exploitation.
🚨 Community notification:
Because user safety is our first concern, we recommend that all users temporarily withdraw their approval of our contracts until we further investigate the recent breach.
Withdraw approval immediately: https://t.co/wwMDk4hNXI pic.twitter.com/JbkYfx7SvQ
— Radiarnt CapitaI (@RDNTCapitail) October 16, 2024
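As an added illustration of the revoke advice above (not code from Radiant or any firm quoted here): this sketch replays ERC-20 Approval logs to find owners who still hold a non-zero allowance to the flagged contract, and builds the approve(spender, 0) calldata that zeroes it. The sample logs, token and owner addresses are constructed; only the spender address comes from the alerts quoted on this page.

```python
# keccak256("Approval(address,address,uint256)"), the standard ERC-20 event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
APPROVE_SELECTOR = "095ea7b3"  # approve(address,uint256)
FLAGGED_SPENDER = "0xd50cf00b6e600dd036ba8ef475677d816d6c4281"  # from the alerts above

def topic_to_address(topic):
    """Indexed address topics are 32 bytes, left-padded; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def live_approvals(logs, spender=FLAGGED_SPENDER):
    """Replay Approval logs in chain order; return {(token, owner): allowance} > 0.
    Spending via transferFrom may not emit Approval, so treat the result as an
    upper bound and confirm with allowance(owner, spender) on-chain."""
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # ERC-721 Approval shares the topic but has 4 topics
        if topic_to_address(topics[2]) != spender.lower():
            continue
        key = (log["address"].lower(), topic_to_address(topics[1]))
        state[key] = int(log["data"], 16)  # a later approve() overwrites earlier ones
    return {k: v for k, v in state.items() if v > 0}

def revoke_calldata(spender=FLAGGED_SPENDER):
    """ABI-encode approve(spender, 0); the owner sends this to the token contract."""
    return "0x" + APPROVE_SELECTOR + spender[2:].lower().rjust(64, "0") + "0" * 64

# ---- constructed sample data (not real chain data) ----
def _pad(addr):
    return "0x" + addr[2:].rjust(64, "0")

def _log(token, owner, spender, value, block, index):
    return {"address": token, "topics": [APPROVAL_TOPIC, _pad(owner), _pad(spender)],
            "data": "0x" + format(value, "064x"), "blockNumber": block, "logIndex": index}

TOKEN, OWNER_A, OWNER_B = "0x" + "11" * 20, "0x" + "aa" * 20, "0x" + "bb" * 20
OTHER_SPENDER = "0x" + "cc" * 20
SAMPLE_LOGS = [
    _log(TOKEN, OWNER_B, FLAGGED_SPENDER, 0, 105, 1),           # B revoked later
    _log(TOKEN, OWNER_A, FLAGGED_SPENDER, 2**256 - 1, 100, 0),  # unlimited approval
    _log(TOKEN, OWNER_B, FLAGGED_SPENDER, 1000, 101, 3),
    _log(TOKEN, OWNER_A, OTHER_SPENDER, 5, 106, 0),             # unrelated spender
]

if __name__ == "__main__":
    for (token, owner), amount in live_approvals(SAMPLE_LOGS).items():
        print(owner, "still approves", amount, "of", token, "->", revoke_calldata())
```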
Tony Ke, director of security research at Fuzzland, has warned that users should not interact with these contracts until all potential threats have been addressed. Ke also promised that his company would work with Radiant’s team to investigate the matter and explore possible measures to recover the lost funds.
Recent hacks have raised concerns about the security of multi-signature wallet systems.
The exact cause of the vulnerability remains to be determined. Some have speculated that this could be due to a front-end leak or a phishing scam that resulted in private key holders unknowingly interacting with malware.
Industry experts criticized Radiant’s security measures as inadequate. Polygon Labs chief security officer Mudit Gupta described the incident as a “key management failure.” According to him, Radiant Capital’s multi-signature wallet has 11 signers, but only three signatures are needed to execute transactions.
The vulnerability had a significant impact on the price of Radiant Capital’s native token, RDNT. The price of RDNT has fallen by more than 11% in the past 24 hours and is currently trading at $0.06429.
At the same time, this is not Radiant Capital’s first breach. In January this year, the lending protocol suffered a flash loan attack and lost approximately 1,900 ETH, worth $4.5 million.