Radiant

Arbitrum

Radiant Capital

<p>Radiant Capital, a decentralized lending protocol, has suffered a massive cyberattack, losing more than $50 million in digital assets. The attack, which occurred across Binance's BNB Chain and Ethereum's layer-2 Arbitrum network, marks the second significant exploit the platform has faced this year, further raising concerns about the security of decentralized finance (DeFi) platforms.</p>
<h3 id="the-incident-unfolds">The Incident Unfolds</h3>
<p>The attack was first reported on Wednesday by blockchain security firm Ancilia Inc., which flagged suspicious activity involving Radiant Capital's smart contracts on BNB Chain. Initial reports showed approximately $16 million being drained from the platform on BNB. Shortly after, assets were also siphoned from Radiant's liquidity pools on Arbitrum. Another security firm, Hacken, later confirmed that the total stolen assets, including USDT, USDC, and ARB, amounted to nearly $50 million.</p>
<p>Radiant Capital acknowledged the issue on X (formerly Twitter), stating, "We are aware of an issue with the Radiant Lending markets on Binance Chain and Arbitrum," and assured users they were working with blockchain security teams SEAL911, Hypernative, ZeroShadow, and Chainalysis to investigate the breach.</p>
<figure class="image">
 <img alt="Screenshot 2024-10-16 at 5.19.32 PM.png" src="https://storage.bsc.news/Screenshot_2024_10_16_at_5_19_32_PM_7ede245c6b.png" width="1074" height="544">
</figure>
<h3 id="how-the-attack-happened">How the Attack Happened</h3>
<p>According to Web3 security firm De.Fi, the attackers managed to exploit Radiant's smart contracts through the 'transferFrom' function, allowing them to drain user funds. Radiant operates using a multi-signature (multisig) wallet system, requiring 11 signers to authorize any protocol upgrades. The attackers somehow obtained three of these private keys, which gave them enough control to modify the smart contracts and carry out the attack.</p>
<p>While the exact method by which the private keys were compromised remains unclear, some experts in the Ethereum security community have speculated that it may have resulted from a front-end attack. This type of exploit could have deceived legitimate key-holders into interacting with a malicious interface, thereby granting the attacker access to the protocol.</p>
<p>Radiant’s response included pausing its markets on Ethereum and the layer-2 network Base while urging users to revoke their smart contract permissions as a safety measure. The platform also directed users to the Revoke.Cash service to check if they were at risk.</p>
<h3 id="not-the-first-incident">Not the First Incident</h3>
<p>This latest exploit isn't the first time Radiant Capital has been targeted. Earlier in January, the protocol lost $4.5 million in a separate flash loan-based attack on Arbitrum due to a bug in its smart contracts. The recurrent breaches underline the vulnerabilities in DeFi systems, where even protocols designed to be capital-efficient and secure are regularly targeted by sophisticated hackers.</p>
<h3 id="the-broader-impact">The Broader Impact</h3>
<p>Radiant Capital operates as a decentralized autonomous organization (DAO) and describes its mission as unifying fragmented liquidity across Web3's various money markets into one seamless, omnichain platform. Despite its ambitious goals, repeated security incidents could undermine confidence in Radiant and similar DeFi projects. The need for more robust security frameworks is evident as hackers continuously exploit weak points in decentralized systems.</p>
<p>This breach, resulting in such a significant financial loss, highlights the risks for users engaging with DeFi platforms. Although Radiant and its team are working to address the issue, the full extent of the damage—both financial and reputational—is still unfolding.</p>
<h3 id="conclusion">Conclusion</h3>
<p>The $50 million exploit on Radiant Capital has rattled the DeFi community once again, raising serious concerns about the security of blockchain protocols and the safeguarding of user funds. With two major hacks in less than a year, Radiant faces an uphill battle to restore trust. The incident serves as a reminder of the critical need for constant vigilance and improved security mechanisms in the rapidly evolving world of decentralized finance.</p>
<p>This story is still developing, and Radiant Capital has yet to provide a detailed explanation of how the attackers obtained access to the private keys. Until the investigation concludes, users are advised to stay alert and take appropriate measures to protect their assets.</p>

Radiant Capital Hit by $50M Exploit Across BNB Chain and Arbitrum in Second Major Attack

Table of Contents

BSCN

Other articles published on Oct 24, 2024

Pennsylvania House of Representatives passes pro-crypto bill

Analytics Firm Reveals 4 Altcoins That Upbit May List, Sending Prices Soaring!

Michael Saylor's Legacy: Donating His Bitcoin Wealth to Humanity, Inspired by Satoshi Nakamoto

Rome Partners with Celestia to Boost Blockchain Performance and Scalability

Worldcoin Rebrands as "World," Expanding Partnerships and Biometric Technology

Best Cryptos to Buy in October: Discover the Rising Stars in Crypto

Join our free newsletter for daily crypto updates!