Radiant Capital, a blockchain lending protocol, faced a massive loss of over $50 million due to a cyberattack on Wednesday. Security experts and blockchain data confirmed that an attacker managed to gain control of Radiant Capital’s blockchain contracts by obtaining three private keys that control the protocol.
The attack targeted Radiant Capital’s contracts on the BSC and ARB chains, using the ‘transferFrom’ function to drain users’ funds, including USDC, WBNB, ETH, and other cryptocurrencies. The platform, which offers tools for borrowing, lending, and bridging cryptocurrencies across blockchains, is controlled by a multisig wallet with 11 signers. The attacker was able to access three of these signers’ private keys, allowing them to upgrade the platform’s smart contracts.
This is not the first time Radiant Capital has been targeted in an exploit. In January of the same year, the protocol lost $4.5 million in a hack due to a bug in its smart contracts. The exact details of how the private keys were compromised in the recent attack are still unclear. Some experts speculate that the attack may have originated from a compromised front-end interface, leading legitimate key-holders to interact with a malware-infected protocol accidentally.
Radiant Capital acknowledged the exploit in a statement on its official account but did not provide specific details on the incident. The platform is working with security firms like SEAL911, Hypernative, ZeroShadow, and Chainalysis to address the issue. As a precaution, markets on Binance Chain and Arbitrum have been paused until further notice.
Radiant Capital operates under a decentralized autonomous community (DAO) and aims to unify liquidity across Web3 money markets in a safe and user-friendly manner. The platform’s mission is to create a capital-efficient omnichain that brings together fragmented liquidity from billions of sources.
This incident marks a developing story, and Radiant Capital has not responded to requests for comments at the moment. It is essential for users and investors to stay updated on the situation as more information becomes available. The security of blockchain protocols remains a critical concern in the rapidly evolving landscape of decentralized finance.
