A Wednesday hack stole over $50 million from Radiant Capital, a Binance-backed cross-chain lending blockchain protocol.
According to Web3 security firm De. Fi Antivirus, the attackers owned three out of eleven private keys necessary for updating the protocol. This enabled them to alter intelligent contracts on Arbitrum and Binance Smart Chain (BSC) networks.
🚨~$58,000,000 Exploit Alert🚨
Radiant Capital contracts were exploited on BSC & ARB chains with the ‘transferFrom’ function, which allowed to drain users’ funds, namely $USDC $WBNB $ETH and others
⚠️Revoke approvals ASAP👇
0xd50cf00b6e600dd036ba8ef475677d816d6c4281 pic.twitter.com/oUHyshwEmL— De.Fi Antivirus Web3 🛡️ (@De_FiSecurity) October 16, 2024
Radiant Capital Suspends Lending After $53 Million Crypto Hack
Having been attacked by crypto hackers who made away with 50,000 ether worth $53 million, Singapore-based Radiant Capital stopped offering lending services.
Some stolen products were cryptocurrencies, including USDC, ETH, and BNB. They took advantage of a known function called ‘transfer from,’ which allowed them to drain tokens directly from user wallets to their own.
Blockchain analytics firm Lookonchain declared how the adversaries cashed out assets worth 12,835 ETH, equivalent to $33.6m, and 32,113 BNB valued at $19.4m.
Radiant Capital(@RDNTCapital) hacked for $53M on #Arbitrum and #BSC 8 hours ago!
The hacker swapped the stolen assets for 12,835 $ETH($33.6M) and 32,113 $BNB($19.4M).
Please revoke access to the following contracts on https://t.co/inHmYxIkPw.… pic.twitter.com/CTWhjOXagZ
— Lookonchain (@lookonchain) October 17, 2024
After the hack, Radiant Capital closed the respective BNB Chain and Arbitrum lending to avoid further fraud transfers.
According to the protocol team, they are working with SEAL911, Hypernative, ZeroShadow, and Chainalysis to remedy the situation, and they claimed that the users would receive updates indicated on their screenshots. However, the Base & Mainnet platform markets are suspended until further notice.
Radiant Faces Second Crypto Hack in 2024
This recent incident is only the second security attack on Radiant in the current year. In January, the protocol suffered a separate $4.5 million loss in a similar attack resulting from an issue in a smart contract.
The latest attack differed from the previous one, and it happened in a flash loan exploit. This time again, the attackers penetrated three signers, allowing them to transfer ownership of the contracts and deploy new versions.
According to the details regarding cryptocurrency, in September 2024, over $120 million of cryptocurrencies were stolen through numerous cyber-attacks on various platforms.
The report gathered from PeckShield shows that over 20 incidents occurred, impacting both centralized and decentralized systems. BingX, Penpie, and Indodax complained of the highest losses; these platforms lost more than $90 million overall.
This news is republished from another source. You can check the original article here
