Highlights:
- Radiant Capital lost $50 million in a security breach on October 16.
- Attackers used malware to compromise developers’ wallets and manipulate transactions.
- Radiant is enhancing security measures and working with law enforcement agencies.
On October 18, Radiant Capital, the blockchain lending protocol, announced on social media that it suffered a $50 million loss from a complex security breach that occurred on October 16. The company has notified that it collaborates with U.S. law enforcement and cybersecurity teams to freeze stolen assets and track down attackers.
Advertisement
On October 16, 2024, Radiant Capital experienced a highly sophisticated security breach that resulted in the loss of $50 million USD. The attackers exploited multiple developers' hardware wallets through a highly advanced malware injection.
The devices were compromised in such a…
— Radiant Capital (@RDNTCapital) October 18, 2024
Understanding the Hack and Its Impact
According to the report, the attackers used sophisticated malware injection to compromise the hardware wallets of three core developers. This breach manipulated the front-end transaction verification process. It allowed hackers to carry out harmful transactions secretly while users believed everything was functioning normally.
The anomaly remained unnoticed during regular inspections by Radiant Capital’s internal team and external security audits conducted by firms such as SEAL911 and Hypernative. This breach happened during a routine multi-signature emissions adjustment process, conducted periodically to adjust to market conditions and usage rates. The compromise went entirely undetected during the manual review of the Gnosis Safe UI and the Tenderly simulation phases. This has been verified by external security teams like SEAL911 and Hypernative.
After the breach, attackers stole over $50 million worth of USDC, WBNB, and ETH. They exploited vulnerabilities in the DAO’s blockchain contracts on Binance Smart Chain (BSC) and Arbitrum, draining assets from liquidity pools. They also took advantage of open approvals to withdraw funds from users’ accounts. Radiant Capital strongly advised all users to revoke any approvals across all chains—Arbitrum, BSC, Ethereum, and Base.
Law Enforcement and Cybersecurity Firms Assist in Crypto Hack Investigation
The company revealed that it is working with blockchain security firms Chainalysis, SEAL911, Hypernative, and ZeroShadow to investigate the incident. U.S. law enforcement, including the FBI, is also aware of the breach and is working to freeze all stolen assets. The DAO has been significantly impacted by this attack and will continue to collaborate with relevant agencies to identify the attackers and promptly recover the stolen funds.
The Platform Strengthens Security Measures Post-Incident
After the incident, Radiant Capital prioritized enhancing its security measures to reduce future attack risks. This involves enforcing stricter multi-layer signature verifications and utilizing independent devices to validate transaction data before approval.
To boost security, contributors created new cold wallet addresses using secure devices. The DAO improved Admin and DAO multisigs by limiting signers to seven and raising the approval threshold to four. This means nearly 60% approval is needed for any transaction. Additional safes will receive similar upgrades soon.
Contributors are adding an extra verification step using Etherscan’s input data decoder. This improves accuracy and protects against errors. The DAO aims to resume activity on the Base and Ethereum markets in a few days.
Radiant Protocol Targeted Twice in 2024
This is Radiant’s second exploit in 2024. In January, the protocol lost $4.5 million in a flash loan attack, causing a nearly 40% drop in its total value locked.
Radiant Capital was subject to a flash-loan-based exploit upon launching the new native USDC market on Arbitrum on January 2nd at 06:53:29 PM +UTC, leading to the protocol accruing bad debt in the WETH market totaling about 1.3% of total protocol TVL. 🧵1/10👇
— Radiant Capital (@RDNTCapital) January 3, 2024
In September 2024, attackers stole over $120 million from various crypto platforms. According to PeckShield data, there were more than 20 incidents affecting both centralized and decentralized systems. The biggest losses were reported by BingX, Penpie, and Indodax, totaling over $90 million.
#PeckShieldAlert September 2024 saw 20+ hacks in the crypto space, leading to ~$120.23 million in losses. (Note: The $32.4 million worth of $spWETH drained in a Permit signature #phishing is not included)#Top 10 Hacks in September 2024:#BingX: $44 million#Penpie: $27 million… pic.twitter.com/t2YuvIds6u
— PeckShieldAlert (@PeckShieldAlert) October 1, 2024
Advertisement
