top of page

Radiant Capital Reels from $50 Million Hack, FBI Joins Investigation

Writer's picture: Blockonome GnomeBlockonome Gnome

DeFi platform Radiant Capital suffers a $50 million theft after a sophisticated cyber attack, with FBI assistance in recovering stolen assets.


Radiant Capital Reels from $50 Million Hack, FBI Joins Investigation

Radiant Capital, a decentralized finance (DeFi) platform, has been struck by a $50 million hack, targeting the wallets of core developers in a complex, coordinated cyber attack. The breach, which occurred on October 16, 2024, exploited hardware wallet vulnerabilities and advanced malware techniques, leading to a significant loss of assets, including USDC, WBNB, and ETH.


The attackers successfully compromised the wallets of three key developers, infiltrating the system during a multi-signature adjustment process, which is typically seen as a routine security measure. By manipulating the transaction verification process, the hackers managed to execute malicious transactions without detection, bypassing both internal security checks and external audits from respected cybersecurity firms like SEAL911 and Hypernative.


The sophisticated nature of the attack, which affected Radiant’s decentralized autonomous organization (DAO) contracts on Binance Smart Chain (BSC) and Arbitrum, allowed the perpetrators to drain the liquidity pools without raising alarms. Radiant Capital, reeling from the loss, has since enlisted the support of U.S. law enforcement, including the FBI, to aid in recovering the stolen assets.


Radiant Capital’s response has been swift, with the platform immediately enhancing its security protocols. New measures include multi-layer signature verifications and the use of independent devices to confirm transaction data before approval. Fresh cold wallet addresses have been implemented using new devices, ensuring that any compromised wallets have been replaced.


The platform has also tightened its multisig protocols, reducing the number of signers for Admin and DAO multisigs to seven and increasing the signing threshold to four, ensuring that at least 60% approval is needed for any transaction to move forward. Additional safes are expected to receive similar security upgrades soon.


As part of its recovery plan, Radiant is working closely with cybersecurity experts to analyze the digital trails left by the attackers. Radiant Capital’s CEO emphasized the company's commitment to working with authorities: "We’re doing everything in our power to recover the funds and safeguard our platform. Bringing the FBI onboard shows our seriousness in dealing with this threat."


In an effort to prevent future vulnerabilities, Radiant has introduced cross-checking measures for all transaction data using Etherscan’s input data decoder. This new step is expected to enhance transaction accuracy and provide another layer of security against unauthorized access.


While Radiant Capital expects to resume activity on Base and Ethereum markets with new, more secure contracts in place, the attack has prompted a warning for users to revoke any approvals for tokens linked to Radiant. The address for revoking approvals is 0xd50cf00b6e600dd036ba8ef475677d816d6c4281, and users are being urged to act swiftly to protect their funds.


This is not the first time Radiant has faced such challenges. Earlier in the year, the platform lost 1,900 ETH (valued at $4.5 million at the time) after a hack exploited vulnerabilities when activating a new market. While Radiant has since bolstered its security measures, the latest attack has highlighted the persistent risks facing DeFi platforms.


As the investigation continues, Radiant Capital’s efforts to recover from the $50 million theft are being closely watched, with both the platform and its community hoping for a successful resolution.


photo source / Blockonome

Kommentare


Top Stories

Thanks for subscribing!

© 2024 by Blockonome. 

Bring global cryptocurrency news straight to your inbox. Sign up for our monthly newsletter.

  • X
  • LinkedIn
  • TikTok
  • Instagram
  • Facebook

Blockonome's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

bottom of page