Radiant Capital’s Arbitrum and BNB Chain instances suffer $51 million hack attack

Decentralized lending protocol Radiant Capital suffered a hack attack, lose $50 million in crypto assets. The hacker exploited a vulnerability in the private keys of the protocol’s multi-signature wallet, allowing control of its smart contracts.

The exploit affected Radiant Capital’s BNB and Arbitrum instances, with hackers draining millions of assets.including Ether, USDC, and Wrapped BNB (WBNB).

Radiant Loses $51 Million in Crypto in Alleged Exploit

Blockchain security company Ancilia Inc. has revealed a hack attack against Radiant Capital, a leading cross-chain lending protocol.

#ancilia_alerts It seems something happened with @RDNTCapital contract on BSC. We have noticed several user account transfers via contract 0xd50cf00b6e600dd036ba8ef475677d816d6c4281. Please revoke your approval as soon as possible. It looks like the new implementation has…

– Ancilia, Inc. (@AnciliaInc) October 16, 2024

Reportedly, the attacker exploited a vulnerability in the protocol’s TransferFrom multi-signature wallet system.

🚨~$58,000,000 exploitation alert🚨

Radiant Capital contracts were operated on BSC & ARB chains with the ‘transferFrom’ feature, which helped drain user funds viz. $USDC $WBNB $ETH and others

⚠️Revoke approvals as soon as possible👇
0xd50cf00b6e600dd036ba8ef475677d816d6c4281 pic.twitter.com/oUHyshwEmL

– De.Fi Antivirus Web3 🛡️ (@De_FiSecurity) October 16, 2024

This allowed them to gain unauthorized access to user accounts and withdraw millions of dollars in ETH, USDT, BNB, and USDC..

According to data from Arkham Intelligence, the exploit began on Wednesday on the protocol’s Arbitrum instance before moving to the BNB chain.

Radiant uses a multi-signature wallet system called transferFrom to secure and control its smart contracts. The exploit used the transferFrom function of Radiant Capital’s smart contract to compromise the private keys of its multi-signature wallet..

As a result, the hacker gained unauthorized access to several user accounts and withdrew their funds to another account. They allegedly moved tokens from a wallet controlled by Radiant to an address starting with 0x0629b, believed to belong to the hacker.

The address holds over $32 million in Arbitrum-based tokens and approximately $18 million in BNB chain assets. Most of the assets are Ether derivatives wstETH and weETH.

The wallet’s BNB balance currently shows over $5 million in crypto assets. Meanwhile, it is DeBank Account watch a balance of $51 million in tokensan increase of 2,619,512% in its assets since its creation.

Radiant Capital Security Issues and Response

In response to the latest breach, Radiant Capital has suspended its core and primary markets. He also revealed that he was working with blockchain security companies Chainalysis, Hypernative, SEAL911 and ZeroShadow to investigate the incident..

Furthermore, the protocol indicated that he delegated $10 million in funds to reimburse the victim. It advised users to cancel all Radiant contract addresses to avoid further exploitation.

🚨 Community reviews:

As user security is our primary concern, we recommend that all users temporarily revoke their approval of our agreement until we further investigate the recent compromise.

Revoke approvals now: https://t.co/wwMDk4hNXI pic.twitter.com/JbkYfx7SvQ

– Radiarnt CapitaI (@RDNTCapitail) October 16, 2024

Tony Ke, head of security research at Fuzzland, said warned Users should not interact with these contracts until each potential threat is resolved. Ke also promised that his company would work with the Radiant team to investigate the matter and explore possible measures to recover the lost funds..

The recent hacking incident raises concerns about the security of multi-signature wallet systems.

The exact cause of this flaw remains to be determined. Some believe this could be due to a front-end compromise or phishing scam. which caused the holders of the private key to unknowingly interact with malware.

Industry experts have criticized Radiant for its inadequate security measures. Polygon Labs chief security officer Mudit Gupta described the incident as a “key management failure.” According to him, Radiant Capital’s multi-signature portfolio had eleven signatories but only three signatures were required to execute transactions.

The exploit had a significant impact on the price of Radiant Capital’s native token, RDNT. Over the past 24 hours, RDNT price has fallen by over 11% and is currently trading at $0.06429.

Meanwhile, this is not Radiant Capital’s first breach. In January this year, the lending protocol suffered a flash loan attack, lose around 1900 ETH valued at $4.5 million.